No Response To Non-Syn First Packet Of A Tcp Flow - Brocade Communications Systems ServerIron ADX 12.4.00a Security Manual

1

No response to non-SYN first packet of a TCP flow

No response to non-SYN first packet of a TCP flow
ServerIron can remain passive for non-SYN packet in the beginning of the flow. The default
behavior is to send TCP RESET to client when a non-SYN packet is received in the beginning.
4
SLB-chassis1/1#show server debug
Generic Deug Info
BP Distribution =
No of BPs =
Partner Chassis MAC = 0000.0000.0000
Partner BP1 MAC = 0000.0000.0000
Partner BP3 MAC = 0000.0000.0000
Partner BP5 MAC = 0000.0000.0000
Server Load Balancing Debug Info
Total Get =
Get Fails =
Forward Sp =
Bad creates =
Fw resets =
Double Free =
Free inv Sess Idx =
Cache-Reassigns =
Multi Path Fwd Use =
Bad non-owner =
FTP-trans-error =
Fw tcp inside move =
Fw SYNC delayed =
FW stale to conns =
FW stale from conns =
FW stale from nuke c =
Unxpectd udata =
Client->Server =
Drops =
Fw_drops =
FIN_or_RST =
Disable_drop =
Stale_drop =
SYN def/proxy RST =
Out of Memory =
last conn rate =
last TCP attack rate =
fast vport found =
Fwd to non-static FI =
TCP forward FIN =
Fast path FWD FIN =
Fast path SLB SYN =
Duplicate SYN =
TCP ttl FIN recvd =
Sessions in DEL_Q =
Fwd sess not found =
Sess rmvd from delQ =
Fragment buf full er =
New sess sync sent =
L4 msg sent =
foundry packet sent =
TCP SYN received =
TCP SYN to MP =
TCP SYN ACK received =
TCP pkt received =
TCP pkt to MP =
Avail. Sessions = 1999996
Hash size = 200001
Total C->S Conn =
Total Reassign =
Server State - 0: diasbled, 1:enabled, 2:failed, 3:test, 4:suspect, 5:grace_dn, 6:active
Real Server St CurrConn
R1 1 0/0/0
rs1 1 0/0/0
Enabled JetCore
3 No of Partner BPs
Partner BP2 MAC
Partner BP4 MAC
Partner BP6 MAC
3 Total Free =
0 Get Buffer failure =
0 Reverse Sp =
0 TCP Resets =
0 Rev Resets =
0 Error =
0 Free list Idx inv =
0 Trans-Denied =
0 Multi Path Rev Use =
0 Select Fwall =
0 Cache track-error =
0 Fw udp inside move =
0 ownership contention =
0 FW stale to delq con =
0 FW stale from delq c =
0 Sac frwds =
0 Unxpectd udata(def) =
0 Server->Client =
0 Aged =
0 Rev_drops =
0 old-conn =
0 Exceed_drop =
0 Unsuccessful =
0 Server Resets =
0 Out of Memory =
0 max conn rate =
0 max TCP attack rate =
0 fast vport n found =
0 Dup stale SYN =
0 TCP reverse FIN =
0 Fast path REV FIN =
0 Dup SYN after FIN =
0 Duplicate sessions =
0 TCP ttl reset recvd =
0 Sess force deleted =
0 sess already in delQ =
0
0 Incoming TCP cksum e =
0 New sess sync recvd =
0 L4 msg recvd =
0 ipc packet sent =
0 TCP SYN dropped =
0 TCP SYN ACK to MP =
0 TCP SYN ACK dropped =
0 TCP pkt dropped =
0 PBSLB tftp status = In progres
Total Sessions =
0 Total S->C Conn =
0 Unsuccessful Conn =
TotConn TotRevConn CurrSess
0 0 0
0 0 0
= No
= 0
= 0000.0000.0000
= 0000.0000.0000
= 0000.0000.0000
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2818942
0
0
0
0
2000000
0
0
PeakConn
0
0
ServerIron ADX Security Guide
53-1002440-03