From owner-freebsd-current@FreeBSD.ORG  Wed Jul 25 05:40:24 2007
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id EC5C716A41A
	for <current@freebsd.org>; Wed, 25 Jul 2007 05:40:24 +0000 (UTC)
	(envelope-from silby@silby.com)
Received: from relay01.pair.com (relay01.pair.com [209.68.5.15])
	by mx1.freebsd.org (Postfix) with SMTP id 8898313C474
	for <current@freebsd.org>; Wed, 25 Jul 2007 05:40:24 +0000 (UTC)
	(envelope-from silby@silby.com)
Received: (qmail 80843 invoked from network); 25 Jul 2007 05:40:23 -0000
Received: from 209.68.2.70 (HELO localhost) (209.68.2.70)
	by relay01.pair.com with SMTP; 25 Jul 2007 05:40:23 -0000
X-pair-Authenticated: 209.68.2.70
Date: Wed, 25 Jul 2007 00:40:22 -0500 (CDT)
From: Mike Silbersack <silby@silby.com>
To: Peter Wemm <peter@wemm.org>
In-Reply-To: <200707201155.44573.peter@wemm.org>
Message-ID: <20070725003706.U79872@odysseus.silby.com>
References: <20070709234401.S29353@odysseus.silby.com>
	<20070710132253.GJ1038@void.codelabs.ru>
	<20070710202028.I34890@odysseus.silby.com>
	<200707201155.44573.peter@wemm.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: Andre Oppermann <andre@freebsd.org>, current@freebsd.org,
	freebsd-current@freebsd.org, Robert Watson <rwatson@freebsd.org>,
	net@freebsd.org
Subject: Re: FreeBSD 7 TCP syncache fix: request for testers
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Jul 2007 05:40:25 -0000


On Fri, 20 Jul 2007, Peter Wemm wrote:

> TCP: [127.0.0.1]:52446 to [127.0.0.1]:1128 tcpflags 0x10<ACK>;
> syncache_expand: Segment failed SYNCOOKIE authentication, segment
> rejected (probably spoofed)
> [...]
>
> How on earth can localhost be spoofing itself?  This is getting quite
> absurd. :-(

Any extra ACK that arrives is probably being processed by the syncookie 
code is my guess.  So, I think that the problem is probably anywhere 
except in the syncookie code.

> I'll give your patch a shot and see if it improves things at all.

It won't, not for this case. :(

But I'll get it committed ASAP, because it fixes other cases.  Unless, 
that is, things IRL keep interrupting me.

Mike "Silby" Silbersack