Date: Sun, 4 Feb 2001 02:32:29 +1100 (EST) From: Darren Reed <avalon@coombs.anu.edu.au> To: mime@traveller.cz (Michal Mertl) Cc: security@FreeBSD.ORG Subject: Re: strange dropped packets Message-ID: <200102031532.CAA20696@caligula.anu.edu.au> In-Reply-To: <Pine.BSO.4.21.0102021042360.30602-100000@prg.traveller.cz> from Michal Mertl at "Feb 2, 1 11:55:22 am"
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Michal Mertl, sie said: > I've installed and configured several FreeBSD boxes (>=4.1). On all of > them I use log_in_vain="YES" in rc.conf. Sometime I also install ipfilter > (with rules with minimal holes in and outbound traffic with "keep state"). > Either with ipfilter installed or not I see dropped packets in > /var/log/messages (result of log_in_vain) which seems to me like last > packets of a regular communications open from inside (either UDP (dns > queries) or TCP (mostly web)). On the internet today, I wouldn't be surprised if some packets can transit the network and take enough time that the state a connection is in causes it to expire before the "next" packet arrices. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102031532.CAA20696>