From: "Akos Szalkai" <szalkai@2fkft.com>
To: netfilter@lists.netfilter.org
Subject: Re: Weird TCP flags?
Date: Sat, 13 Dec 2003 15:57:27 +0100
Message-ID: <20031213145727.GD229@2fkft.com>
In-Reply-To: <200312131450.58938.Antony@Soft-Solutions.co.uk>

> Sorry - I misread your posting at first - I realise now you were saying that 
> the firewall in front of the spoofed address never saw the first packet, so 
> it drops the second one.

Sorry, probably my writing is not clear enough...

> However, the above log entry is from the firewall in front of the web server - 
> as far as it is concerned, it saw the first packet, and it saw the second 
> packet.   I'm not sure there's an explanation yet for why it decided to drop 
> and log the second packet.

I am afraid now you did not misread my posting.  You simply did not read
the rest of it, because it is in there.  Summary: it drops the
retransmitted syn-acks after 60 secs.

Akos

-- 
Akos Szalkai <szalkai@2f.hu>
IT Consultant, CISA
2F 2000 Szamitastechnikai es Szolgaltato Kft.
Tel: (+36-1)-4887700  Fax: (+36-1)-4887709  WWW: http://www.2f.hu/

