Re: lots of ACK/FIN filtering (DPT=80) at web server.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi there

On Wed, 2003-05-28 at 10:46, SB CH wrote:
> Hello, all.
> 
> I have operated linux web server and executed iptables 1.2.8.
> 
> and I have found so lots of logs like this ACK,FIN filtering.
> Surely, ACK-FIN is a connection closing step, so there is no problem for 
> customers but I would like to know why this happens!!
> I guess that the timeout of the connection tracking related.
> 
Those are 'broken' browsers that do not follow the http standard
properly.
> 
> May 25 12:33:05 www kernel: IN=eth0 OUT= SRC=210.126.xxx.xx 
> DST=211.10.xx.xx LEN=40 TOS=0x00 PREC=0x00 TTL=118 ID=3376 DF PROTO=TCP 
> SPT=3608 DPT=80 WINDOW=63520 RES=0x00 ACK FIN URGP=0
> 
> Do you have any problems like me?
Yes

> and what's the problem and how can I solve this problem?
> 
Stop using non-standards complient browsers. Sometimes changes to
standards are not 'enhancements'.

> 
> Thanks in advance for your kind opinios!!
> 
> _________________________________________________________________
> íìíì. ìëì ìì ëë ìì, êí, ìë, ìì êìë   
> http://www.msn.co.kr/fortune/default.asp  
-- 
--
Raymond Leach <raymondl@xxxxxxxxxxxxxxxxxxxxxx>
Network Support Specialist
http://www.knowledgefactory.co.za
"lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import"
Key fingerprint = 7209 A695 9EE0 E971 A9AD  00EE 8757 EE47 F06F FB28
--

Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux