cvs commit: src/sys/netinet tcp_subr.c tcp_timer.c tcp_timer.h

Robert Watson rwatson at
Wed Sep 19 15:04:00 PDT 2007

On Thu, 20 Sep 2007, Abdullah Ibn Hamad Al-Marri wrote:

> Hello Robert,
> I still get these messages.
> TCP: []:65461 to []:3306 tcpflags 0x10<ACK>; syncache_expand: Segment failed 
> SYNCOOKIE authentication, segment rejected (probably spoofed)
> This is phpmyadmin connects to remote MySQL Server 5.0

We should disable this TCP logging by default, and turn it on only when 
actually debugging a visible issue, as many of the log messages reflect 
perfectly legitimate (or at least common) network conditions.  You can and 
should ignore them for now.  We should ask people to disable this debugging 
only when they have symptoms of specific problems, because the rest of the 
time they cause bug reports for things that aren't bugs :-).  I find the 
following quite useful in sysctl.conf on all my world-facing 7.x servers 
because it gets rid of the noise:


Otherwise I get a near-continuous stream of garbage in syslog or the console.

Robert N M Watson
Computer Laboratory
University of Cambridge

More information about the cvs-src mailing list