'Syncookies' feature effects to generate new ISN/random with RST happens 15 seconds delay.
Brahmanand Reddy
brahma.gdb at gmail.com
Sat Feb 3 13:47:49 UTC 2018
Dear Experts,
Recently i observed in 11.0 FreeBsd Kernel. new ISN random generating
every 15 seconds. RST not happens quickly.
if disable net.inet.tcp.syncookies=0 on syscntrl.conf .. RST happens
quickly and generate new ISN numnber for next SYN requests.
https://github.com/freebsd/freebsd/blob/master/sys/netinet/tcp_syncache.c#L1882
Could you please confirm its expected behavior about delay. have notified
this issue, we have any patch please share.
Thanks in Advance,
Brahma
More information about the freebsd-security
mailing list