(TCP/IP) Server side sends RST after 3-way handshake.Syn flood defense or queue overflow?

Hello. Iv faced some problem and seems don't realize the mechanincs why does it occures. First of all i'd like to notice that my freebsd knowledge and expirience is limited, especially in such "strange" cases. In details(code example ill be at the end): System: # uname -spr FreeBSD 7.2-RELEASE a

Re: (TCP/IP) Server side sends RST after 3-way handshake.Syn flood defense or queue overflow?

First of all thanks for response! It is normal for syncache entries added == completed == cookies sent, I'm > mostly curious about anything else besides that. It is possible when using > the syncache to have the network stack decide it can't create a connection > until it gets to the end of the 3

Re: (TCP/IP) Server side sends RST after 3-way handshake.Syn flood defense or queue overflow?

> When you enable "net.inet.tcp.log_debug=1" it will tell you at LOG_DEBUG > level what went wrong and why it sent the RST. > Thank you Andre. Now its clear what causes the problem, here is what i got in logs: Jul 18 10:33:55 kernel: TCP: [127.0.0.1]:52971 to [127.0.0.1]:10002 tcpflags 0x10; tcp

What does define COMMENT_ONLY mean?

Hello! What does this define COMMENT_ONLY mean and what for it is used? Iv met such one in if_arp.h source in freebsd kernel, but cant get such strange if in arp header structure. ---example struct arphdr { <...> /* * The remaining fields are variable in size,

Re: What does define COMMENT_ONLY mean?

On 07/23/11 04:21, Bruce Evans wrote: C didn't support support variable-sized structs before C99, and doesn't really support them now. Various hacks are used to make pseudo-structs larger or smaller than ones that can actually be declared work. The above is one. The pseudo-struct is malloc()e

Which module contains functins(arptimer)?

Hello. How to determine which module contains specific functinos?. For example we have arptimer in netinet/if_ether.c. But how to find in which ko it compiles? Iv tried ls /boot/kernel/ | grep ko.symbols | xargs strings | grep -i arptimer but that didnt work :( Thanks in advance. _

Re: Which module contains functins(arptimer)?

On 09/07/11 18:06, Gary Palmer wrote: On Wed, Sep 07, 2011 at 04:51:48PM +0400, Vladimir Budnev wrote: Hello. How to determine which module contains specific functinos?. For example we have arptimer in netinet/if_ether.c. But how to find in which ko it compiles? Iv tried ls /boot/kernel

IPFW hidden/broken rule? (Free 7.2)

Hello list I am not sure which list this question must go to, so I am sending to -net and -ipfw lists. We have faced some strange problem with ipfw behavior, which we can't understand ourselves. An it really hurts:( We are running 7.2-RELEASE. I'll try to describe the problem as we observe

Re: IPFW hidden/broken rule? (Free 7.2)

Typo: mustbe: We'v noticed that no packets from specific ip(10.10.122.23/32 ) ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"

Re: IPFW hidden/broken rule? (Free 7.2)

> > 14.09.2011 15:33, Vladimir Budnev пишет: > > > So i think there are at least to questions: > > > > 1. Have anyone ever met such situation? Or may be something close to > > this one with 'hidden' ipfw rules? > > Have you tried "ipfw -d -e