According to the Resolution 14805 of Nokia, The firewall receives a new
connections with the same port/service as a connection that was recently
closed. (and because that is still in session table of the firewall, firewall
drops this session), the solution of it (again it is in the resolution) is
decrease the tcpendtimeout so that the firewall clears up the session table
faster...
-----Original Message-----
From: Haris Klitiropoulos [mailto:hkli AT SPACE DOT GR]
Sent: Thursday, July 24, 2003 2:59 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] "th_flags 2 message_info SYN for established
connection" Message
Hello,
it is not a matter of speed or lack of it, so increasing the timeout
won't fix it. According to the message you get on your log, you have an
already established connection (the 3-way handshake for that session has
been completed). Your firewall intercepts a packet of that session that
has SYN flag enabled and drops it. Packets with the SYN flag enabled are
used only during the initialisation of the TCP session and never during
an already established session. You should check why these packets
appear in the first place. It shouldn't be the firewall's fault.
Cihan Subasi (Garanti Teknoloji) wrote:
>Hi,
>
>I am getting the message in the subject field ( th_flags 2 message_info SYN
>for established connection) for some our clients, after doing a quick research
>I found out that those are mostly GPRS customers (and I guess they are slower
>than usual), as a solution to that, would it be enough to play with
>"tcpendtimeout" using dbedit or there are other things that I need to do?
>Thanks
>
>***********************************************************
>Cihan SUBASI
>Garanti Technology
>Internet ve Yazilim Hizmetleri
>Tel:(90)(212)4783426 GSM:(90)(533)(2750353)
>Fax:(90)(212)6576150
>http://www.garantitechnology.com <http://www.garantitechnology.com/>
>mailto:cihans AT garanti.com DOT tr
>***********************************************************
>
>
>
>This message and attachments are confidential and intended solely for the
>individual(s) stated in this
>message.If you received this message although you are not the addressee you
>are responsible to keep
>confidential the message.The sender has no responsibility for the accuracy or
>correctness of the
>information in the message and its attachments.Our company shall have no
>liability for any changes
>or late receiving,loss of integrity and confidentiality,viruses and any
>damages caused in
>anyway to your computer system.
>
>Bu mesaj ve ekleri mesajda gonderildigi belirtilen kisi/kisilere ozeldir ve
>gizlidir.Bu mesajin muhatabi
>olmamaniza ragmen tarafiniza ulasmis olmasi halinde mesaj iceriginin gizliligi
>ve bu gizlilik yukumlulugune
>uyulmasi zorunlulugu tarafiniz icin de soz konusudur.Mesaj ve eklerinde yer
>alan bilgilerin dogrulugu ve
>guncelligi konusunda gonderenin ya da sirketimizin herhangi bir sorumlulugu
>bulunmamaktadir.Sirketimiz
>mesajin ve bilgilerinin size degisiklige ugrayarak veya gec ulasmasindan,
>butunlugunun ve gizliliginin
>korunamamasindan, virus icermesinden ve bilgisayar sisteminize verebilecegi
>herhangi bir zarardan
>sorumlu tutulamaz.
>
>=================================================
>To set vacation, Out-Of-Office, or away messages,
>send an email to LISTSERV AT amadeus.us.checkpoint DOT com
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your
>subscription options, email
>fw-1-owner AT ts.checkpoint DOT com
>=================================================
>
>
>
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
This message and attachments are confidential and intended solely for the
individual(s) stated in this
message.If you received this message although you are not the addressee you are
responsible to keep
confidential the message.The sender has no responsibility for the accuracy or
correctness of the
information in the message and its attachments.Our company shall have no
liability for any changes
or late receiving,loss of integrity and confidentiality,viruses and any damages
caused in
anyway to your computer system.
Bu mesaj ve ekleri mesajda gonderildigi belirtilen kisi/kisilere ozeldir ve
gizlidir.Bu mesajin muhatabi
olmamaniza ragmen tarafiniza ulasmis olmasi halinde mesaj iceriginin gizliligi
ve bu gizlilik yukumlulugune
uyulmasi zorunlulugu tarafiniz icin de soz konusudur.Mesaj ve eklerinde yer
alan bilgilerin dogrulugu ve
guncelligi konusunda gonderenin ya da sirketimizin herhangi bir sorumlulugu
bulunmamaktadir.Sirketimiz
mesajin ve bilgilerinin size degisiklige ugrayarak veya gec ulasmasindan,
butunlugunun ve gizliliginin
korunamamasindan, virus icermesinden ve bilgisayar sisteminize verebilecegi
herhangi bir zarardan
sorumlu tutulamaz.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
