Daniel Rose wrote:
> SQUID (Linux kernel 2.6.18.xxx) sends a spoofed ACK 'from' WWWHOST to CLIENT.
> The spoofed ACK never arrives at the CLIENT. CLIENT just sends 3 SYNs and
> times out. I assume it's dropped by the firewall, but I can't get 'debug ip
> packet' or similar commands to work on the ASA 5520 to verify this, but it's
> pretty clear since it never arrives on the client (I used Wireshark).

Have you tried turning up the logging level and seeing what the ASA is
doing? My money is on it dropping your packets.
Adjust logging to "errors" if you're getting too much log data.
# conf t
(config)# logging asdm warnings
# sh logging asdm
--
Tony Dodd, Systems Administrator
Last.fm | http://www.last.fm
Karen House 1-11 Baches Street
London N1 6DL
check out my music taste at:
http://www.last.fm/user/hawkeviper