Tony Dodd wrote:
> Daniel Rose wrote:
>> SQUID (linux kernel 2.6.18.xxx) Sends a spoofed ACK 'from' WWWHOST to
>> CLIENT.
>>
>> The spoofed ACK never arrives at the CLIENT. CLIENT just sends 3 SYNs
>> and times out. I assume it's dropped by the firewall, but I can't get
>> 'debug ip packet' or similar commands to work on the ASA 5520 to
>> verify this, but it's pretty clear since it never arrives on the
>> client (I used wireshark).
>>
>
> Have you tried turning up the logging level and seeing what the asa is
> doing? My money is on it dropping your packets.
>
Confirmed by your logging suggestion.
-- Daniel Rose National Library of AustraliaReceived on Thu Dec 20 2007 - 20:59:26 MST
This archive was generated by hypermail pre-2.1.9 : Tue Jan 01 2008 - 12:00:02 MST