No response to non-syn first packet of a tcp flow – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual
Page 18
4
ServerIron ADX Security Guide
53-1002440-03
No response to non-SYN first packet of a TCP flow
1
No response to non-SYN first packet of a TCP flow
ServerIron can remain passive for non-SYN packet in the beginning of the flow. The default
behavior is to send TCP RESET to client when a non-SYN packet is received in the beginning.
SLB-chassis1/1#show server debug
Generic Deug Info
BP Distribution = Enabled JetCore = No
No of BPs = 3 No of Partner BPs = 0
Partner Chassis MAC = 0000.0000.0000
Partner BP1 MAC = 0000.0000.0000 Partner BP2 MAC = 0000.0000.0000
Partner BP3 MAC = 0000.0000.0000 Partner BP4 MAC = 0000.0000.0000
Partner BP5 MAC = 0000.0000.0000 Partner BP6 MAC = 0000.0000.0000
Server Load Balancing Debug Info
Total Get = 3 Total Free = 0
Get Fails = 0 Get Buffer failure = 0
Forward Sp = 0 Reverse Sp = 0
Bad creates = 0 TCP Resets = 0
Fw resets = 0 Rev Resets = 0
Double Free = 0 Error = 0
Free inv Sess Idx = 0 Free list Idx inv = 0
Cache-Reassigns = 0 Trans-Denied = 0
Multi Path Fwd Use = 0 Multi Path Rev Use = 0
Bad non-owner = 0 Select Fwall = 0
FTP-trans-error = 0 Cache track-error = 0
Fw tcp inside move = 0 Fw udp inside move = 0
Fw SYNC delayed = 0 ownership contention = 0
FW stale to conns = 0 FW stale to delq con = 0
FW stale from conns = 0 FW stale from delq c = 0
FW stale from nuke c = 0 Sac frwds = 0
Unxpectd udata = 0 Unxpectd udata(def) = 0
Client->Server = 0 Server->Client = 0
Drops = 0 Aged = 0
Fw_drops = 0 Rev_drops = 0
FIN_or_RST = 0 old-conn = 0
Disable_drop = 0 Exceed_drop = 0
Stale_drop = 0 Unsuccessful = 0
SYN def/proxy RST = 0 Server Resets = 0
Out of Memory = 0 Out of Memory = 0
last conn rate = 0 max conn rate = 0
last TCP attack rate = 0 max TCP attack rate = 0
fast vport found = 0 fast vport n found = 0
Fwd to non-static FI = 0 Dup stale SYN = 0
TCP forward FIN = 0 TCP reverse FIN = 0
Fast path FWD FIN = 0 Fast path REV FIN = 0
Fast path SLB SYN = 0 Dup SYN after FIN = 0
Duplicate SYN = 0 Duplicate sessions = 0
TCP ttl FIN recvd = 0 TCP ttl reset recvd = 0
Sessions in DEL_Q = 0 Sess force deleted = 0
Fwd sess not found = 0 sess already in delQ = 0
Sess rmvd from delQ = 0
Fragment buf full er = 0 Incoming TCP cksum e = 0
New sess sync sent = 0 New sess sync recvd = 0
L4 msg sent = 0 L4 msg recvd = 0
foundry packet sent = 0 ipc packet sent = 2818942
TCP SYN received = 0 TCP SYN dropped = 0
TCP SYN to MP = 0 TCP SYN ACK to MP = 0
TCP SYN ACK received = 0 TCP SYN ACK dropped = 0
TCP pkt received = 0 TCP pkt dropped = 0
TCP pkt to MP = 0 PBSLB tftp status = In progres
Avail. Sessions = 1999996 Total Sessions = 2000000
Hash size = 200001
Total C->S Conn = 0 Total S->C Conn = 0
Total Reassign = 0 Unsuccessful Conn = 0
Server State - 0: diasbled, 1:enabled, 2:failed, 3:test, 4:suspect, 5:grace_dn, 6:active
Real Server St CurrConn TotConn TotRevConn CurrSess PeakConn
R1 1 0/0/0 0 0 0 0
rs1 1 0/0/0 0 0 0 0