PF 7.1 Preerelease problem.

From: Jose Amengual <jose.amengual_at_gmail.com> Date: Fri, 17 Oct 2008 10:25:09 -0300 · This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:36 UTC

Ho guys.

I install a Freebsd 7.1 as a firewall with pf, jails for mail etc.

I was starting having problems with the mails in the defer spool with  
error messages like "time out" and I check the message log and I found  
this :

TCP: [58.9.5.38]:48146 to [10.0.0.11]:25 tcpflags 0x14<RST,ACK>;  
syncache_chkrst: Spurious RST with ACK, SYN or FIN flag set, segment  
ignored
TCP: [10.0.0.11]:10024 to [10.0.0.11]:65215 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [192.168.168.157]:60139 to [10.0.0.11]:110 tcpflags 0x4<RST>;  
syncache_chkrst: Spurious RST without matching syncache entry  
(possibly syncookie only), segment ignored
TCP: [192.168.150.101]:1188 to [10.0.0.11]:110 tcpflags 0x2<SYN>;  
_syncache_add: Received duplicate SYN, resetting timer and  
retransmitting SYN|ACK
TCP: [10.0.0.11]:10024 to [10.0.0.11]:64412 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [10.0.0.11]:10024 to [10.0.0.11]:60048 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [10.0.0.11]:10024 to [10.0.0.11]:56838 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [65.54.244.72]:25 to [10.0.0.11]:54881 tcpflags  
0x19<FIN,PUSH,ACK>; tcp_do_segment: FIN_WAIT_1: Received 71 bytes of  
data after socket was closed, sending RST and removing tcpcb
TCP: [10.0.0.11]:10024 to [10.0.0.11]:59431 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [10.0.0.11]:10024 to [10.0.0.11]:62617 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [221.192.149.119]:37691 to [200.27.171.194]:22; syncache_timer:  
Response timeout, retransmitting (1) SYN|ACK
TCP: [192.168.168.157]:60143 to [10.0.0.11]:25 tcpflags 0x4<RST>;  
syncache_chkrst: Spurious RST without matching syncache entry  
(possibly syncookie only), segment ignored
TCP: [195.245.230.131]:25 to [10.0.0.11]:54615 tcpflags  
0x18<PUSH,ACK>; tcp_do_segment: FIN_WAIT_1: Received 39 bytes of data  
after socket was closed, sending RST and removing tcpcb
Connection attempt to UDP 10.0.0.11:25969 from 192.168.168.1:53
TCP: [10.0.0.11]:10024 to [10.0.0.11]:65086 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [192.168.150.130]:2167 to [10.0.0.11]:25 tcpflags 0x4<RST>;  
syncache_chkrst: Spurious RST without matching syncache entry  
(possibly syncookie only), segment ignored
Connection attempt to UDP 10.0.0.11:14486 from 200.27.2.7:53
TCP: [192.168.168.157]:60056 to [10.0.0.11]:110 tcpflags 0x4<RST>;  
syncache_chkrst: Spurious RST without matching syncache entry  
(possibly syncookie only), segment ignored
TCP: [10.0.0.11]:10024 to [10.0.0.11]:62813 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [10.0.0.11]:10024 to [10.0.0.11]:57904 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [200.91.27.33]:25 to [10.0.0.11]:62292 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 17 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [81.75.251.139]:51325 to [10.0.0.11]:25 tcpflags 0x14<RST,ACK>;  
syncache_chkrst: Spurious RST with ACK, SYN or FIN flag set, segment  
ignored
TCP: [10.0.0.11]:25 to [200.27.171.194]:60795 tcpflags 0x12<SYN,ACK>;  
tcp_input: Connection attempt to closed port
TCP: [200.27.171.194]:60795 to [10.0.0.11]:25 tcpflags 0x4<RST>;  
syncache_chkrst: Our SYN|ACK was rejected, connection attempt aborted  
by remote endpoint
TCP: [10.0.0.11]:10024 to [10.0.0.11]:63130 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [10.0.0.11]:10024 to [10.0.0.11]:57051 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [192.168.150.130]:2171 to [10.0.0.11]:25 tcpflags 0x4<RST>;  
syncache_chkrst: Spurious RST without matching syncache entry  
(possibly syncookie only), segment ignored
TCP: [221.192.149.119]:44046 to [200.27.171.194]:22; syncache_timer:  
Response timeout, retransmitting (1) SYN|ACK
Connection attempt to UDP 10.0.0.11:46152 from 192.168.168.1:53
TCP: [10.0.0.11]:110 to [200.27.171.194]:52781 tcpflags 0x12<SYN,ACK>;  
tcp_input: Connection attempt to closed port
TCP: [200.27.171.194]:52781 to [10.0.0.11]:110 tcpflags 0x4<RST>;  
syncache_chkrst: Our SYN|ACK was rejected, connection attempt aborted  
by remote endpoint
TCP: [10.0.0.11]:10024 to [10.0.0.11]:57348 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [192.168.168.157]:60061 to [10.0.0.11]:110 tcpflags 0x4<RST>;  
syncache_chkrst: Spurious RST without matching syncache entry  
(possibly syncookie only), segment ignored
TCP: [221.192.149.119]:45265 to [200.27.171.194]:22; syncache_timer:  
Response timeout, retransmitting (1) SYN|ACK
TCP: [221.192.149.119]:45951 to [200.27.171.194]:22; syncache_timer:  
Response timeout, retransmitting (1) SYN|ACK
TCP: [10.0.0.11]:110 to [200.27.171.194]:53722 tcpflags 0x12<SYN,ACK>;  
tcp_input: Connection attempt to closed port
TCP: [200.27.171.194]:53722 to [10.0.0.11]:110 tcpflags 0x4<RST>;  
syncache_chkrst: Our SYN|ACK was rejected, connection attempt aborted  
by remote endpoint
TCP: [10.0.0.11]:10024 to [10.0.0.11]:59020 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [118.136.197.127]:61865 to [10.0.0.11]:25 tcpflags 0x14<RST,ACK>;  
syncache_chkrst: Spurious RST with ACK, SYN or FIN flag set, segment  
ignored
TCP: [10.0.0.11]:10024 to [10.0.0.11]:50065 tcpflags 0x18<PUSH,ACK>;  
tcp_do_segment: FIN_WAIT_2: Received 64 bytes of data after socket was  
closed, sending RST and removing tcpcb
TCP: [221.192.149.119]:46739 to [200.27.171.194]:22; syncache_timer:  
Response timeout, retransmitting (1) SYN|ACK
TCP: [10.0.0.11]:110 to [200.27.171.194]:57522 tcpflags 0x12<SYN,ACK>;  
tcp_input: Connection attempt to closed port
TCP: [200.27.171.194]:57522 to [10.0.0.11]:110 tcpflags 0x4<RST>;  
syncache_chkrst: Our SYN|ACK was rejected, connection attempt aborted  
by remote endpoint
TCP: [10.0.0.11]:110 to [200.27.171.194]:50027 tcpflags 0x12<SYN,ACK>;  
tcp_input: Connection attempt to closed port
TCP: [200.27.171.194]:50027 to [10.0.0.11]:110 tcpflags 0x4<RST>;  
syncache_chkrst: Our SYN|ACK was rejected, connection attempt aborted  
by remote endpoint
TCP: [192.168.168.157]:60095 to [10.0.0.11]:110 tcpflags 0x4<RST>;  
syncache_chkrst: Spurious RST without matching syncache entry  
(possibly syncookie only), segment ignored
TCP: [200.27.163.29]:42513 to [10.0.0.11]:25 tcpflags 0x4<RST>;  
syncache_chkrst: Spurious RST without matching syncache entry  
(possibly syncookie only), segment ignored

The 10.0.0 are my jails and the rest is normal connections.

What s this ?

I'm using exactly the same setup in the same network with a 6.4 and no  
problem ( the same company, new server ).

The problems is that my postfix jail is defferring mails because of  
the connection errors.

Please advice.

Thanks.