
strange kernel errors



I run a potato box on my home DSL line as a firewall with kernel 2.4.0 and iptables.

I run some rules I found in either the netfilter HOWTO or the 2.4 NAT HOWTO like this (can't remember which):

# Syn-flood protection: 
iptables -A INPUT -p TCP --syn -m limit --limit 1/s -j ACCEPT

# Furtive port scanner: 
iptables -A INPUT -p TCP --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT

# Ping of death: 
iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT

...and today I saw messages like this repeated over and over:
Feb 13 14:05:57 jake kernel: reset_xmit_timer sk=c18d7360 1 when=0x3ed5, caller=c01f4052

Was this the kernel slowing down a port scan or something like it?

I've never seen anything like this on a 2.2 kernel, and a search of Google just came up with a bunch of kernel source code.

TIA,
-- 
	Nate
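
Added example, not part of the original post: a simplified Python model of the `limit` match used in the three rules above, assuming the default `--limit-burst` of 5. It shows that a `-m limit ... -j ACCEPT` rule simply stops matching once its bucket is empty, so the fate of the excess packets depends on the next rule or the chain policy (`LimitMatch`, `run_chain` and the sample timings are constructed for illustration, not kernel code).

```python
# Simplified token-bucket model of the iptables "limit" match.
# Assumptions: --limit 1/s as in the posted rules, default --limit-burst 5.
# This models the documented behaviour; it is not the kernel implementation.

class LimitMatch:
    def __init__(self, rate_per_sec=1, burst=5):
        self.cost_ms = 1000 // rate_per_sec   # credit one packet consumes
        self.cap_ms = self.cost_ms * burst    # size of a full bucket
        self.credit_ms = self.cap_ms          # the bucket starts full
        self.last_ms = 0

    def matches(self, now_ms):
        # Refill for the elapsed time, never above the burst cap.
        elapsed = now_ms - self.last_ms
        self.credit_ms = min(self.cap_ms, self.credit_ms + elapsed)
        self.last_ms = now_ms
        if self.credit_ms >= self.cost_ms:
            self.credit_ms -= self.cost_ms
            return True       # rule matches, its target (ACCEPT) applies
        return False          # rule does not match, packet falls through


def run_chain(arrivals_ms, policy="DROP"):
    """Verdict per packet for a chain holding one
    '-m limit --limit 1/s -j ACCEPT' rule followed by the chain policy."""
    rule = LimitMatch()
    return ["ACCEPT" if rule.matches(t) else policy for t in arrivals_ms]


# Constructed sample: 20 SYN packets, 100 ms apart (10 packets/s for 2 s).
BURST = [i * 100 for i in range(20)]

if __name__ == "__main__":
    for policy in ("DROP", "ACCEPT"):
        verdicts = run_chain(BURST, policy)
        print("policy", policy, "->",
              verdicts.count("ACCEPT"), "of", len(verdicts), "accepted")
```

With an ACCEPT policy and no later DROP rule, the rate-limited rules change nothing: every packet the limit skips is accepted by the policy anyway.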


