From owner-freebsd-current@FreeBSD.ORG Fri Oct 17 13:48:56 2008 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 50F1A1065691 for ; Fri, 17 Oct 2008 13:48:56 +0000 (UTC) (envelope-from jose.amengual@gmail.com) Received: from mail-gx0-f16.google.com (mail-gx0-f16.google.com [209.85.217.16]) by mx1.freebsd.org (Postfix) with ESMTP id C54FC8FC0C for ; Fri, 17 Oct 2008 13:48:55 +0000 (UTC) (envelope-from jose.amengual@gmail.com) Received: by gxk9 with SMTP id 9so965755gxk.19 for ; Fri, 17 Oct 2008 06:48:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:from:to :content-type:mime-version:subject:date:x-mailer; bh=eupnVqjPwl7dl2YsRtvdmQJydnj5e6Iq2kw+nkU+Cls=; b=jJMqSf4GxF2Tm3rbIXrO6Ququ+NzpUr51NonbD0S3GJi7XVNZiCs1LnyPqfRE1NgiP w4+lTFBWsxuDOz/EhiI+IFhcBqieJ9Y3LbLGerEkn3EPYqCdCkmOTgG3+MMfsH5CZWkK BqFapRopvX3Bh2Ve8vRGYBTTVNhoyuXOtwSbk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:from:to:content-type:mime-version:subject:date:x-mailer; b=cPryzYykKoJN5hKusnMyPhHDu4kCHPbN5b/xOg091G/6Ju7SN1Atp4ybFh2gX455+g xNcb6GhzaBbkEDgt8s4ntTyjP71yRdoIEM6kvu3OELGYLJ36lWZsdb2c/V3uHh4aJSy/ JQw2qYcjczq6LkRg1rEcEFF7PJZwY5xlrZihk= Received: by 10.65.96.17 with SMTP id y17mr936620qbl.85.1224249914441; Fri, 17 Oct 2008 06:25:14 -0700 (PDT) Received: from 17-27-112.adsl.terra.cl (17-27-112.adsl.terra.cl [200.112.27.17]) by mx.google.com with ESMTPS id 25sm1691556qbw.1.2008.10.17.06.25.11 (version=TLSv1/SSLv3 cipher=RC4-MD5); Fri, 17 Oct 2008 06:25:13 -0700 (PDT) Message-Id: <879F32CC-CB75-4C6A-9A0D-0D971433B3F4@gmail.com> From: Jose Amengual To: freebsd-current@freebsd.org Mime-Version: 1.0 (Apple Message framework v929.2) Date: Fri, 17 Oct 2008 10:25:09 -0300 X-Mailer: Apple Mail (2.929.2) X-Mailman-Approved-At: Fri, 17 Oct 2008 14:22:49 +0000 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: PF 7.1 Preerelease problem. X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Oct 2008 13:48:56 -0000 Ho guys. I install a Freebsd 7.1 as a firewall with pf, jails for mail etc. I was starting having problems with the mails in the defer spool with error messages like "time out" and I check the message log and I found this : TCP: [58.9.5.38]:48146 to [10.0.0.11]:25 tcpflags 0x14; syncache_chkrst: Spurious RST with ACK, SYN or FIN flag set, segment ignored TCP: [10.0.0.11]:10024 to [10.0.0.11]:65215 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [192.168.168.157]:60139 to [10.0.0.11]:110 tcpflags 0x4; syncache_chkrst: Spurious RST without matching syncache entry (possibly syncookie only), segment ignored TCP: [192.168.150.101]:1188 to [10.0.0.11]:110 tcpflags 0x2; _syncache_add: Received duplicate SYN, resetting timer and retransmitting SYN|ACK TCP: [10.0.0.11]:10024 to [10.0.0.11]:64412 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [10.0.0.11]:10024 to [10.0.0.11]:60048 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [10.0.0.11]:10024 to [10.0.0.11]:56838 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [65.54.244.72]:25 to [10.0.0.11]:54881 tcpflags 0x19; tcp_do_segment: FIN_WAIT_1: Received 71 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [10.0.0.11]:10024 to [10.0.0.11]:59431 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [10.0.0.11]:10024 to [10.0.0.11]:62617 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [221.192.149.119]:37691 to [200.27.171.194]:22; syncache_timer: Response timeout, retransmitting (1) SYN|ACK TCP: [192.168.168.157]:60143 to [10.0.0.11]:25 tcpflags 0x4; syncache_chkrst: Spurious RST without matching syncache entry (possibly syncookie only), segment ignored TCP: [195.245.230.131]:25 to [10.0.0.11]:54615 tcpflags 0x18; tcp_do_segment: FIN_WAIT_1: Received 39 bytes of data after socket was closed, sending RST and removing tcpcb Connection attempt to UDP 10.0.0.11:25969 from 192.168.168.1:53 TCP: [10.0.0.11]:10024 to [10.0.0.11]:65086 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [192.168.150.130]:2167 to [10.0.0.11]:25 tcpflags 0x4; syncache_chkrst: Spurious RST without matching syncache entry (possibly syncookie only), segment ignored Connection attempt to UDP 10.0.0.11:14486 from 200.27.2.7:53 TCP: [192.168.168.157]:60056 to [10.0.0.11]:110 tcpflags 0x4; syncache_chkrst: Spurious RST without matching syncache entry (possibly syncookie only), segment ignored TCP: [10.0.0.11]:10024 to [10.0.0.11]:62813 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [10.0.0.11]:10024 to [10.0.0.11]:57904 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [200.91.27.33]:25 to [10.0.0.11]:62292 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 17 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [81.75.251.139]:51325 to [10.0.0.11]:25 tcpflags 0x14; syncache_chkrst: Spurious RST with ACK, SYN or FIN flag set, segment ignored TCP: [10.0.0.11]:25 to [200.27.171.194]:60795 tcpflags 0x12; tcp_input: Connection attempt to closed port TCP: [200.27.171.194]:60795 to [10.0.0.11]:25 tcpflags 0x4; syncache_chkrst: Our SYN|ACK was rejected, connection attempt aborted by remote endpoint TCP: [10.0.0.11]:10024 to [10.0.0.11]:63130 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [10.0.0.11]:10024 to [10.0.0.11]:57051 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [192.168.150.130]:2171 to [10.0.0.11]:25 tcpflags 0x4; syncache_chkrst: Spurious RST without matching syncache entry (possibly syncookie only), segment ignored TCP: [221.192.149.119]:44046 to [200.27.171.194]:22; syncache_timer: Response timeout, retransmitting (1) SYN|ACK Connection attempt to UDP 10.0.0.11:46152 from 192.168.168.1:53 TCP: [10.0.0.11]:110 to [200.27.171.194]:52781 tcpflags 0x12; tcp_input: Connection attempt to closed port TCP: [200.27.171.194]:52781 to [10.0.0.11]:110 tcpflags 0x4; syncache_chkrst: Our SYN|ACK was rejected, connection attempt aborted by remote endpoint TCP: [10.0.0.11]:10024 to [10.0.0.11]:57348 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [192.168.168.157]:60061 to [10.0.0.11]:110 tcpflags 0x4; syncache_chkrst: Spurious RST without matching syncache entry (possibly syncookie only), segment ignored TCP: [221.192.149.119]:45265 to [200.27.171.194]:22; syncache_timer: Response timeout, retransmitting (1) SYN|ACK TCP: [221.192.149.119]:45951 to [200.27.171.194]:22; syncache_timer: Response timeout, retransmitting (1) SYN|ACK TCP: [10.0.0.11]:110 to [200.27.171.194]:53722 tcpflags 0x12; tcp_input: Connection attempt to closed port TCP: [200.27.171.194]:53722 to [10.0.0.11]:110 tcpflags 0x4; syncache_chkrst: Our SYN|ACK was rejected, connection attempt aborted by remote endpoint TCP: [10.0.0.11]:10024 to [10.0.0.11]:59020 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [118.136.197.127]:61865 to [10.0.0.11]:25 tcpflags 0x14; syncache_chkrst: Spurious RST with ACK, SYN or FIN flag set, segment ignored TCP: [10.0.0.11]:10024 to [10.0.0.11]:50065 tcpflags 0x18; tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was closed, sending RST and removing tcpcb TCP: [221.192.149.119]:46739 to [200.27.171.194]:22; syncache_timer: Response timeout, retransmitting (1) SYN|ACK TCP: [10.0.0.11]:110 to [200.27.171.194]:57522 tcpflags 0x12; tcp_input: Connection attempt to closed port TCP: [200.27.171.194]:57522 to [10.0.0.11]:110 tcpflags 0x4; syncache_chkrst: Our SYN|ACK was rejected, connection attempt aborted by remote endpoint TCP: [10.0.0.11]:110 to [200.27.171.194]:50027 tcpflags 0x12; tcp_input: Connection attempt to closed port TCP: [200.27.171.194]:50027 to [10.0.0.11]:110 tcpflags 0x4; syncache_chkrst: Our SYN|ACK was rejected, connection attempt aborted by remote endpoint TCP: [192.168.168.157]:60095 to [10.0.0.11]:110 tcpflags 0x4; syncache_chkrst: Spurious RST without matching syncache entry (possibly syncookie only), segment ignored TCP: [200.27.163.29]:42513 to [10.0.0.11]:25 tcpflags 0x4; syncache_chkrst: Spurious RST without matching syncache entry (possibly syncookie only), segment ignored The 10.0.0 are my jails and the rest is normal connections. What s this ? I'm using exactly the same setup in the same network with a 6.4 and no problem ( the same company, new server ). The problems is that my postfix jail is defferring mails because of the connection errors. Please advice. Thanks.