Displaying 20 results from an estimated 800 matches similar to: "Expected handling of [SYN] when expecting [SYN, ACK]?"
2007 Mar 26
0
Re: Expected handling of [SYN] when expecting[SYN, ACK]?
Hi Tom,
Many thanks for that, that''s really helped. Netfilter is indeed dropping
the packets as invalid.
Thanks and regards,
Frances
-----Original Message-----
From: Tom Eastep [mailto:teastep@shorewall.net]
Sent: 23 March 2007 18:05
To: Shorewall Users
Subject: Re: [Shorewall-users] Expected handling of [SYN] when
expecting[SYN, ACK]?
Frances Flood wrote:
> Basically, if the
2015 May 22
1
help please , How SYN and ACK packets counted by the server(centos)
I have a question about tcp layer of linux kernel. I want, Syn and ack
packages received to server will be counted.
[image: enter image description here]
where total_syn_count and total_ack_count are variables to be defined and
will be increased
Which files to be used ????
tcp_input.c ,tcp_output.c , tcp_ipv4.c
2019 Apr 16
0
No ack packet for tcp SYN with window scale of 64
I have found a very strange problem. We found that the time of establishing the websocket connection between mobile phone and server was too long. Then I use tcpdump to capture the data and found that the problem maybe has something to do with window scale option in SYN packet. Here is the SYN packet for websocket connection:
55488 ? 443 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=64
2001 Apr 22
0
Prioritzing SYNs and SYN-ACKs with Diffserv
Hi,
I''m interested in prioritizing all packets with the SYN bit on, both with
and without the ACK bit on (but specially the SYN ACKS).
I am checking is the use of Diffserv. From a paper I read I understood that
when Diffserv is on, all "Control Traffic", including TCP SYN-ACKs, gets by
default into "band 0" of Diffserv, the highest priority out of 16 bands. If
true,
2004 Apr 04
3
SIP Registration Errors
Hi...I've got two Grandstream phones attached to my Asterisk on the same
subnet. The phones have fixed IP addresses. Asterisk is generated an error
for one of them only, even though both appear to be registered correctly.
The current state of the sip.conf is included below. Anyone know what is
going on here? Both appear to be working fine between each other and between
themselves in and
2006 Aug 04
7
Transparent Proxy problem
Now I step by step to configure Shorewall to match my school environment,
the following error when I restart the Shorewall.
..End Macro
iptables v1.2.11: Unknown arg `--sports''
Try `iptables -h'' or ''iptables --help'' for more information.
ERROR: Command "/sbin/iptables -t nat -A loc_dnat -p tcp --sports !
2006 Nov 30
14
My macro is flawed?
Hi all,
I have a VPN setup but it only works once in a while. It seems my firewall
(shorewall 3.0.8) is blocking protocol 47.
Here is what I have:
eth0: internet
eth2: dmz - my pptp server
My entry In the rules file:
pptp/ACCEPT fw dmz:192.168.253.2
My pptp macro
###############################################################################
#ACTION SOURCE
2006 Dec 15
18
FTP/DNAT Issue
Hello All,
I know that this should be a trivial issue, but I''m stuck. I''m totally
new to Shorewall and although I''ve read all about the zones, they''re
still a bit confusing for me.
What I''m attempting to do is run an FTP server on an internal machine.
I''ve read the example guide and troubleshooting guide, but I can''t
figure it
2006 Dec 19
7
routing problem
hi,
Please see the following text diagram:
10.0.15.0/24 --> 10.0.15.1 (f0/1) cisco router (f0/0) 192.168.0.5 <-- 192.168.0.0/24 --> 192.168.0.1 firewall --> internet
I have some problem after added a static route
in shorewall in /etc/sysconfig/network-scripts/route-eth0, the syntax is:
10.0.15.0/24 via 192.168.0.5
in 192.168.0.0/24 computers cannot ping or
2006 Sep 20
16
Multiple ISP Issues
Hi all,
I am having an issue with a multiple ISP setup. I have followed the
docs online and I think I have everything setup correctly but I can
get the desired traffice to go out my secondary ISP.
A quick run down on what I am trying to acomplish. I want to send all
sip/iax traffic out one ISP in the net zone and then send all other
traffic out my secondary ISP in the dsl zone.
Attached is
2006 Aug 01
34
Clients can't through to internet
I just setup the Shorewall in my school, but now all clients can''t through to internet, all servers can through to internet with NAT, when I disabled NAT that all servers can''t through to internet.
Below is my school network:
internet ---> shorewall ----> loc ---> ciso router ---> loc1
Below is my config files:
policy:
# If you want to force clients to
2007 Feb 27
4
Outgoing rules
Hi,
How can only allow http,ftp,smtp define on outgoing rules ?
Thanks
_______________________________________
YM - 離線訊息
就算你沒有上網,你的朋友仍可以留下訊息給你,當你上網時就能立即看到,任何說話都冇走失。
http://messenger.yahoo.com.hk
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net''s Techsay panel and
2006 Dec 07
7
shorewall and mrouted
Hi
When I start shorewall, the multicast stream is stopped.
My config:
Windows VLC Client-----eth0:192.168.254.1/24--fw---eth1:191.168.254.254/16-------------------------Linux VLC Streaming server
192.168.254/24 lan wan (but it''s really a internal lan !) 191.168.1.21/16
on the FW/shorewall
route add -net 224.0.0.0 netmask
1997 Feb 28
0
forwarded from BoS: Linux anti-SYN flooding patch
I have just finished a patch to linux 2.0.29 that provides
the SYN cookies protection against SYN flood attacks.
You can grab it from my home page at:
http://www.dna.lth.se/~erics/software/tcp-syncookies-patch-1.gz
You can also follow the pointers from my home page (see the signature)
to get a very short blurb about this patch.
Quick synopsys: This implements the SYN cookie defense
against SYN
2002 Apr 18
0
Syn Flood Protection
Hallo Group,
i want to implement a syn Flood Protection on our linux Router.
on our Cisco we have this Access-list and rat-limit
rate-limit input access-group 190 128000 128000 128000 conform-action transmit exceed-action drop
access-list 190 deny tcp any any established
access-list 190 permit tcp any any
access-list 190 deny ip any any
now i was trying to wrote the same config with
2003 Nov 28
0
For those of you that uses syn Text Editor to edit .R files
Hi,
sorry to bother you, and that this is probably not the right list :-),
but I read that some of you might use syn as Editor
for .R files. I've released an unofficial Version of the syn Text Editor
with improved support for R (I'm the initial developer of this program,
btw.). syn is a Windows 32 Program (Win9x, NT4, 2000), but maybe it runs
also inside Wine, I didn't try it.
2014 Apr 16
1
Possible SYN flooding
Anyone seen this problem?
server
Apr 16 14:34:28 nas1 kernel: [7506182.154332] TCP: TCP: Possible SYN flooding on port 49156. Sending cookies. Check SNMP counters.
Apr 16 14:34:31 nas1 kernel: [7506185.142589] TCP: TCP: Possible SYN flooding on port 49157. Sending cookies. Check SNMP counters.
Apr 16 14:34:53 nas1 kernel: [7506207.126193] TCP: TCP: Possible SYN flooding on port 49159. Sending
2018 Jul 20
0
database node / possible SYN flooding on port 3306
On 07/20/2018 03:56 AM, Leon Fauster via CentOS wrote:
> Hi folks,
>
> I have here a database node running
>
> # rpm -qa | grep mysql-server
> mysql55-mysql-server-5.5.52-1.el6.x86_64
>
> on
>
> # virt-what
> vmware
>
>
> that seems to have a connection problem:
>
> # dmesg |grep SYN |tail -5
> possible SYN flooding on port 3306. Sending cookies.
2011 May 25
1
kernel: possible SYN flooding on port 655. Sending cookies.
On a Linux Server running tincd I noticed the following log message in
/var/log/messages
kernel: possible SYN flooding on port 655. Sending cookies.
I found this on the web:
If SYN cookies are enabled, then the kernel doesn't track half open
connections at all. Instead it knows from the sequence number in the
following ACK datagram that the ACK very probably follows a SYN and a
SYN-ACK.
2007 Oct 06
0
Samba + Ldap: password syn
Check your slapd.conf ACL options.
____________________________________________________________________
--Forwarded Message Attachment--
From: fcd.listas@gmail.com
Subject: [Samba] Samba + Ldap: password sync
Date: Thu, 4 Oct 2007 15:19:42 -0300
To: samba@lists.samba.org
Gentleman,
While using Openldap 2.2.x, password syncronization was working fine. It
means that when a user changed his