RE: [squid-users] Dmesg message in kernel 2.4 !

Thanks henrik ,

Yeah all of my clients are dial-up users and also I have checked the
/proc/sys/net/ipv4 and there is no file named tcp_syncookies . May be I
have not choose some feature when compiling the kernel . Is that
sufficient to increase /proc/sys/net/ipv4/tcp_max_syn_backlog (
currently 1024 ) and restart the squid or I should recompile the kernel
and make tcp_syncookies available ?!

--
Regards
    =================================================================
   /  Seyyed Hamid Reza    /        WINDOWS FOR NOW  !!            /
  /  Hashemi Golpayegani  /  Linux for future , FreeBSD for ever  /
 /    Morva System Co.   / ------------------------------------- /
/  Network Administrator/ hamid@morva.net   ,   ICQ# : 42209876 /
================================================================ 
-----Original Message-----
From: Henrik Nordstrom [mailto:hno@marasystems.com] 
Sent: Tuesday, June 04, 2002 3:24 AM
To: Hamid Hashemi Golpayegani; squid-users@squid-cache.org
Subject: Re: [squid-users] Dmesg message in kernel 2.4 !
Your TCP SYN backlog is filled.. either by someone SYN flooding your, 
or by having too many slow clients..
Try increasing /proc/sys/net/ipv4/tcp_max_syn_backlog (a restart of 
Squid may be needed), or enabling SYN cookies.. (echo 1 
>/proc/sys/net/ipv4/tcp_syncookies)
Regards
Henrik
On Tuesday 04 June 2002 00:39, Hamid Hashemi Golpayegani wrote:
> Hi ,
>
> I have recently changed my kernel version from 2.2.20 to 2.4.18 and 
> everythings works fine but there a message in my dmesg that I think 
> cause of some attack setting in kernel 2.4 :
>
> TCP: drop open request from 62.220.111.42/3698
> TCP: drop open request from 62.220.111.42/3699
> NET: 338 messages suppressed.
>
> I got this message for different IP address many times . What this 
> means ?! I think that I must increase some parameter in proc for 
> solving this problem . Any idea ?!