The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]

Scripts / handy tips
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
  syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed)
Author: Dan 
Date:   17-02-08 22:20

Ever seen these?

Feb 17 17:11:18 polo kernel: TCP: [10.55.0.67]:61883 to [10.55.0.23]:5666 tcpflags 0x11<FIN,ACK>; syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed)
Feb 17 17:11:22 polo kernel: TCP: [10.55.0.67]:59973 to [10.55.0.23]:5666 tcpflags 0x18<PUSH,ACK>; tcp_do_segment: FIN_WAIT_1: Received data after socket was closed, sending RST and removing tcpcb
Feb 17 17:11:22 polo kernel: TCP: [10.55.0.67]:59973 to [10.55.0.23]:5666 tcpflags 0x10<ACK>; syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed)

Silence them with:

sysctl net.inet.tcp.log_debug=0

NOTE: I found that adding this entry to /etc/sysctl.conf won't set this.

I'm on

FreeBSD polo.exmple.org 7.0-CURRENT FreeBSD 7.0-CURRENT #2: Wed Sep 19 11:34:09 EDT 2007 dan@polo.example.org:/usr/obj/usr/src/sys/POLO i386

--
Webmaster

Post Edited (26-03-08 21:21)

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 


 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Password:
 Remember my login:
   
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum

phorum.org