Your TCP SYN backlog is filled.. either by someone SYN flooding your,
or by having too many slow clients..
Try increasing /proc/sys/net/ipv4/tcp_max_syn_backlog (a restart of
Squid may be needed), or enabling SYN cookies.. (echo 1
>/proc/sys/net/ipv4/tcp_syncookies)
Regards
Henrik
On Tuesday 04 June 2002 00:39, Hamid Hashemi Golpayegani wrote:
> Hi ,
>
> I have recently changed my kernel version from 2.2.20 to 2.4.18 and
> everythings works fine but there a message in my dmesg that I think
> cause of some attack setting in kernel 2.4 :
>
> TCP: drop open request from 62.220.111.42/3698
> TCP: drop open request from 62.220.111.42/3699
> NET: 338 messages suppressed.
>
> I got this message for different IP address many times . What this
> means ?! I think that I must increase some parameter in proc for
> solving this problem . Any idea ?!
Received on Mon Jun 03 2002 - 17:56:32 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:25 MST