[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] "th_flags 2 message_info SYN for established connection" Message
According to the Resolution 14805 of Nokia, The firewall receives a new connections with the same port/service as a connection that was recently closed. (and because that is still in session table of the firewall, firewall drops this session), the solution of it (again it is in the resolution) is decrease the tcpendtimeout so that the firewall clears up the session table faster... -----Original Message----- From: Haris Klitiropoulos [mailto:[email protected]] Sent: Thursday, July 24, 2003 2:59 PM To: [email protected] Subject: Re: [FW-1] "th_flags 2 message_info SYN for established connection" Message Hello, it is not a matter of speed or lack of it, so increasing the timeout won't fix it. According to the message you get on your log, you have an already established connection (the 3-way handshake for that session has been completed). Your firewall intercepts a packet of that session that has SYN flag enabled and drops it. Packets with the SYN flag enabled are used only during the initialisation of the TCP session and never during an already established session. You should check why these packets appear in the first place. It shouldn't be the firewall's fault. Cihan Subasi (Garanti Teknoloji) wrote: >Hi, > >I am getting the message in the subject field ( th_flags 2 message_info SYN for established connection) for some our clients, after doing a quick research I found out that those are mostly GPRS customers (and I guess they are slower than usual), as a solution to that, would it be enough to play with "tcpendtimeout" using dbedit or there are other things that I need to do? Thanks > >*********************************************************** >Cihan SUBASI >Garanti Technology >Internet ve Yazilim Hizmetleri >Tel:(90)GSM:(90)(533)(2750353) >Fax:(90)>http://www.garantitechnology.com <http://www.garantitechnology.com/> >mailto:[email protected] >*********************************************************** > > > >This message and attachments are confidential and intended solely for the individual(s) stated in this >message.If you received this message although you are not the addressee you are responsible to keep >confidential the message.The sender has no responsibility for the accuracy or correctness of the >information in the message and its attachments.Our company shall have no liability for any changes >or late receiving,loss of integrity and confidentiality,viruses and any damages caused in >anyway to your computer system. > >Bu mesaj ve ekleri mesajda gonderildigi belirtilen kisi/kisilere ozeldir ve gizlidir.Bu mesajin muhatabi >olmamaniza ragmen tarafiniza ulasmis olmasi halinde mesaj iceriginin gizliligi ve bu gizlilik yukumlulugune >uyulmasi zorunlulugu tarafiniz icin de soz konusudur.Mesaj ve eklerinde yer alan bilgilerin dogrulugu ve >guncelligi konusunda gonderenin ya da sirketimizin herhangi bir sorumlulugu bulunmamaktadir.Sirketimiz >mesajin ve bilgilerinin size degisiklige ugrayarak veya gec ulasmasindan, butunlugunun ve gizliliginin >korunamamasindan, virus icermesinden ve bilgisayar sisteminize verebilecegi herhangi bir zarardan >sorumlu tutulamaz. > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [email protected] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[email protected] >================================================= > > > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= This message and attachments are confidential and intended solely for the individual(s) stated in this message.If you received this message although you are not the addressee you are responsible to keep confidential the message.The sender has no responsibility for the accuracy or correctness of the information in the message and its attachments.Our company shall have no liability for any changes or late receiving,loss of integrity and confidentiality,viruses and any damages caused in anyway to your computer system. Bu mesaj ve ekleri mesajda gonderildigi belirtilen kisi/kisilere ozeldir ve gizlidir.Bu mesajin muhatabi olmamaniza ragmen tarafiniza ulasmis olmasi halinde mesaj iceriginin gizliligi ve bu gizlilik yukumlulugune uyulmasi zorunlulugu tarafiniz icin de soz konusudur.Mesaj ve eklerinde yer alan bilgilerin dogrulugu ve guncelligi konusunda gonderenin ya da sirketimizin herhangi bir sorumlulugu bulunmamaktadir.Sirketimiz mesajin ve bilgilerinin size degisiklige ugrayarak veya gec ulasmasindan, butunlugunun ve gizliliginin korunamamasindan, virus icermesinden ve bilgisayar sisteminize verebilecegi herhangi bir zarardan sorumlu tutulamaz. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|