From owner-freebsd-current@FreeBSD.ORG Thu Jun 28 09:04:24 2007 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C3AEC16A468 for ; Thu, 28 Jun 2007 09:04:24 +0000 (UTC) (envelope-from almarrie@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.248]) by mx1.freebsd.org (Postfix) with ESMTP id 828A313C46C for ; Thu, 28 Jun 2007 09:04:24 +0000 (UTC) (envelope-from almarrie@gmail.com) Received: by an-out-0708.google.com with SMTP id c14so112027anc for ; Thu, 28 Jun 2007 02:04:23 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=rrzrWcqVcuD0Yy2XKPP0mkTcAGHj0/ok4eNaRyq8bUVbr6vUzuYiXJtmHWxewTTTVLMmGyj0pDOSQPA/gvKM85G+eRGa9Y3rFNNz02bkHOw3Ld2Ag1c5MRUZ37TlyIwrYVMQWBuRXV96Yw/+P5iqi69aT40xfISmRB6XKEHJ9Vk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=pfcNF7mRLPL77dL/jSGMVx2gyACtAOG2fma1e7kmrJgGJA2PasCPM+EOjYHXSAxRG5ikbFsYelK+2xkVPNC5Rk0BJIFeFsBxnQcsU1XCRzLq/jHz+SKyNUIMIUInxVEkRdAYKGIOTD+6FMy4woojbgF02AeCa8ty4yD7zpHKO3Y= Received: by 10.100.123.9 with SMTP id v9mr545476anc.1183021463803; Thu, 28 Jun 2007 02:04:23 -0700 (PDT) Received: by 10.100.9.14 with HTTP; Thu, 28 Jun 2007 02:04:23 -0700 (PDT) Message-ID: <499c70c0706280204mb252d0ekb01d107b88209a02@mail.gmail.com> Date: Thu, 28 Jun 2007 12:04:23 +0300 From: "Abdullah Ibn Hamad Al-Marri" To: "Steve Kargl" In-Reply-To: <20070628014311.GA50012@troutmask.apl.washington.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20070628014311.GA50012@troutmask.apl.washington.edu> Cc: freebsd-current@freebsd.org Subject: Re: SYNCOOKIE authentication problems X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Jun 2007 09:04:24 -0000 On 6/28/07, Steve Kargl wrote: > Any advice on how to isolate or avoid? > > Jun 27 18:31:19 node11 kernel: TCP: [192.168.0.11]:59661 to > [192.168.0.11]:63266 tcpflags 0x10; syncache_expand: Segment failed > SYNCOOKIE authentication, segment rejected (probably spoofed) > > -- > Steve It's too weird, I even get it in my server even I use antispoof via pf, and I get the same msg while for the IPs in the same server. -- Regards, -Abdullah Ibn Hamad Al-Marri Arab Portal http://www.WeArab.Net/