Displaying 6 results from an estimated 6 matches for "ack_seq".
2013 Jun 21
0
[Bug 696] Extra tcp options for REJECT --reject-with tcp-reset-both / tcp-reset-destination
....
>
> So overall, it is difficult to understand the motivation for this request.
> And even more difficult would be actually implementing it.
That's the difficulty that userspace programs such as tcpkill, killcx,
cutter, snort, and similar have to face. The kernel manages the seq and
ack_seq counters itself, so it doesn't have to try: It issues a reset,
rather than injecting it.
--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
2013 Jun 21
0
[Bug 696] Extra tcp options for REJECT --reject-with tcp-reset-both / tcp-reset-destination
https://bugzilla.netfilter.org/show_bug.cgi?id=696
--- Comment #4 from Phil Oester <netfilter at linuxace.com> 2013-06-21 20:09:31 CEST ---
> The kernel manages the seq and
> ack_seq counters itself, so it doesn't have to try
...for locally terminated connections, yes. But what about forwarded traffic?
That is where the difficulty comes in. Netfilter would need to be able to
manage both local sockets and forwarded traffic.
--
Configure bugmail: https://bugzilla.netfil...
2013 Jun 22
0
[Bug 696] Extra tcp options for REJECT --reject-with tcp-reset-both / tcp-reset-destination
https://bugzilla.netfilter.org/show_bug.cgi?id=696
--- Comment #5 from Alessandro Vesely <vesely at tana.it> 2013-06-22 10:05:55 CEST ---
(In reply to comment #4)
>> The kernel manages the seq and ack_seq counters itself, so it doesn't have
>> to try
>
> ...for locally terminated connections, yes. But what about forwarded traffic?
> That is where the difficulty comes in. Netfilter would need to be able to
> manage both local sockets and forwarded traffic.
That sounds corre...
2023 Feb 16
1
ctdb tcp kill: remaining connections
...{
I have done that already. It is not really helpful as it floods the log with messages about packages it is ignoring. Within one minute of log I got >7000 of them, e.g.
Feb 13 17:36:08 <server> ctdb-eventd[29607]: 10.interface.debug: Ignoring packet: z.z.139.15:2049 z.z.155.1:720, seq=0, ack_seq=0, rst=0, window=1234
Feb 13 17:36:08 <server> ctdb-eventd[29607]: 10.interface.debug: reset_connections_capture_tcp_handler: Ignoring packet for unknown connection: z.z.139.34:4739 z.z.139.14:41437
> For Samba 4.18, a new script variable CTDB_KILLTCP_DEBUGLEVEL has
> been added f...
2023 Feb 16
1
ctdb tcp kill: remaining connections
...have done that already. It is not really helpful as it floods the log with messages about packages it is ignoring. Within one minute of log I got >7000 of them, e.g.
> Feb 13 17:36:08 <server> ctdb-eventd[29607]: 10.interface.debug: Ignoring packet: z.z.139.15:2049 z.z.155.1:720, seq=0, ack_seq=0, rst=0, window=1234
> Feb 13 17:36:08 <server> ctdb-eventd[29607]: 10.interface.debug: reset_connections_capture_tcp_handler: Ignoring packet for unknown connection: z.z.139.34:4739 z.z.139.14:41437
Fair enough... but a whole minute is a long time to be running
ctdb_killtcp during failo...
2023 Feb 15
1
ctdb tcp kill: remaining connections
Hi Uli,
[Sorry for slow response, life is busy...]
On Mon, 13 Feb 2023 15:06:26 +0000, Ulrich Sibiller via samba
<samba at lists.samba.org> wrote:
> we are using ctdb 4.15.5 on RHEL8 (Kernel
> 4.18.0-372.32.1.el8_6.x86_64) to provide NFS v3 (via tcp) to RHEL7/8
> clients. Whenever an ip takeover happens most clients report
> something like this:
> [Mon Feb 13 12:21:22