[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: return-rst and port scanning
From:       "Jason R. Rhoads" <jason () pdh ! com>
Date:       1997-06-09 16:06:27
[Download RAW message or body]


Darren,

Actually, that was my point. With debugging turned on, the kernel offered no  
hint as to why the machine rebooted.  It appears to have been a hardware  
problem with the Intel Pro100B NIC I was using .  The problem no longer occurs  
with a different NIC.

Thanks for your help and for ipfilter,

Jason

Begin forwarded message:

From: Darren Reed <darrenr@cyber.com.au>
Subject: Re: return-rst and port scanning
To: Jason_Rhoads@pdh.com
Date: Mon, 9 Jun 1997 22:27:27 +1000 (EST)
Cc: ipfilter@postbox.anu.edu.au
In-Reply-To: <199706061821.LAA03843@pdh.com> from "Jason R. Rhoads" at Jun 6,  
97 11:18:36 am
X-Mailer: ELM [version 2.4 PL23]
Sender: owner-ipfilter@coombs.anu.edu.au

In some mail I received from Jason R. Rhoads, sie wrote
>
> I am guessing that is may not be a problem with ipfilter, but I wanted to
> check to see if anyone else had experienced similar results when port
> scanning
> a machine running ipfilter with a rule that returns a TCP reset such as the  
> following:
>
> 	block return-rst in on net0 proto tcp from any to any
>
> When I run a port scanner from an outside host I can scan about 20 ports on  
> the ipfilter machine (FreeBSD 2.1.?) before it reboots.
>
> Nothing gets written to the console when this happens.

That's not helpful :/  Can you compile the kernel with DDB, DIAGNOSTIC and
other diagnostic things defined please, and boot that ?

I assume you're using 3.1.11 ?

Darren

[prev in list] [next in list] [prev in thread] [next in thread]