Date: Wed, 25 Jul 2007 00:40:22 -0500 (CDT) From: Mike Silbersack <silby@silby.com> To: Peter Wemm <peter@wemm.org> Cc: Andre Oppermann <andre@freebsd.org>, current@freebsd.org, freebsd-current@freebsd.org, Robert Watson <rwatson@freebsd.org>, net@freebsd.org Subject: Re: FreeBSD 7 TCP syncache fix: request for testers Message-ID: <20070725003706.U79872@odysseus.silby.com> In-Reply-To: <200707201155.44573.peter@wemm.org> References: <20070709234401.S29353@odysseus.silby.com> <20070710132253.GJ1038@void.codelabs.ru> <20070710202028.I34890@odysseus.silby.com> <200707201155.44573.peter@wemm.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 20 Jul 2007, Peter Wemm wrote: > TCP: [127.0.0.1]:52446 to [127.0.0.1]:1128 tcpflags 0x10<ACK>; > syncache_expand: Segment failed SYNCOOKIE authentication, segment > rejected (probably spoofed) > [...] > > How on earth can localhost be spoofing itself? This is getting quite > absurd. :-( Any extra ACK that arrives is probably being processed by the syncookie code is my guess. So, I think that the problem is probably anywhere except in the syncookie code. > I'll give your patch a shot and see if it improves things at all. It won't, not for this case. :( But I'll get it committed ASAP, because it fixes other cases. Unless, that is, things IRL keep interrupting me. Mike "Silby" Silbersack
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070725003706.U79872>