Re: state: INVALID

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Björn Schmidt wrote:
Here is a(n older) packet that is _falsely_ classified as INVALID (should be
ESTABLISHED). I changed the IP-adress and hostname in the meantime:

Oct 29 13:51:05 skyron ILLEGAL_PACKET IN= OUT=eth0 MAC= SRC=192.168.1.1
DST=192.168.1.2 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=22
DPT=33085 SEQ=1048000056 ACK=1050690244 WINDOW=5792 ACK SYN URGP=0


Here is one of the "false" INVALID-state packets of today, i tried to connect
from a workstation (192.168.1.2) to the server via ssh:

Nov 21 00:26:53 gigabyte INT_ILLEGAL_PACKET IN= OUT=eth0 MAC= SRC=192.168.1.2
DST=192.168.1.1 LEN=52 TOS=00 PREC=0x00 TTL=64 ID=16033 DF PROTO=TCP SPT=32921
DPT=22 SEQ=340786628 ACK=3785725711 WINDOW=1460 ACK URGP=0

--
Greetings
Bjoern Schmidt


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux