If Squid is running on port 80, and you have a many slow clients (i.e.
dialup clients) then you might have to increase
/proc/sys/net/ipv4/tcp_max_syn_backlog, or else Linux SYN flood
protection can falsely kick in even in normal operation where there is
no SYN flood attack.
netstat -an | grep :80 | grep SYN_RECV
will give you a rough estimate of the backlog usage, including what
might be caused by SYN floods...
-- Henrik Nordstrom Squid hacker Dankun Wizard wrote: > > I am getting alot of below logs from message log file. How can I stop this? > Currently using Linux 2.2, Squid 2.3 Stable4 with WCCP. > > cache kernel: possible SYN flooding on port 80. Sending cookies. > _________________________________________________________________________ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > > -- > To unsubscribe, see http://www.squid-cache.org/mailing-lists.html -- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Tue Feb 13 2001 - 01:43:31 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:57:59 MST