Received: by 2002:a05:7412:b995:b0:f9:9502:5bb8 with SMTP id it21csp7634559rdb; Thu, 4 Jan 2024 02:56:18 -0800 (PST) X-Google-Smtp-Source: AGHT+IGkvysHxSmHjunobSljfXvLcYPGcBz0OezKQ0P8Tpfqb2dnLRdjPHOu7hk+/s4k2LcgGMOk X-Received: by 2002:a05:6830:71a3:b0:6db:fc35:54f5 with SMTP id el35-20020a05683071a300b006dbfc3554f5mr419063otb.42.1704365778220; Thu, 04 Jan 2024 02:56:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704365778; cv=none; d=google.com; s=arc-20160816; b=heM4GwOdoxuAm6z41uHxz7lMKzWVvUlABUMmoNIdQQxWEKfC1D9xVrgynE5EjQc1Cb /frFjiarz5ne2SFE+BHVDqKm1L+WZ6/Gvgr9DL70gaCbvM4TbNd6BBlvnY2t+Y2cfoWa 51hZrSt0Uqj0IkGibOP5R9sembQyuzFBDkx0FWAKf7Vc6a2WhuouS4wIgIMWq7f7GY9t Z7zuk18paYWhrfL/uYDECzRrAawVYSf7sJCZB3Rp7Hkj9oI3TQJyXqhKr4sD01j3ThZq dzGj3mnC67hHsbHXe5oXi3pPtbc622RhxHZdvzni3R3QxusTTmAU0WEy6UbMlNh73VXv s7Pg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:list-unsubscribe:list-subscribe:list-id:precedence :message-id:subject:cc:to:from:date:dkim-signature:dkim-signature; bh=yBmrPPpyuWfFEuChsbZrj8mF9EgX0kLD8+GWYeLFums=; fh=p3d051isysIBG2tRnNEVBlRR4EfIoPqVsSD/uGiKItg=; b=RsGtE9qW/kjxLopqgG6p9MsurNLJLy4Sluof2XfxqA/WG7xPjC+ntPKP+pg/Q84isT AKJuq+ZVG6ZpIFA1142cEu1Yk4E0C8yHkiKj5FS/NTck+eCwdNbugGDIhc5bfzWdrxWF 8QoBRfIcGSG53f84mFHnFR9UNZ1R7KhFYiCadPm9w505A6vHUCTJf+S4H2BklU+Jmk8m HTLBfmhhdReIop5anKrKXSdtZnt2GPglsPe0E398CZ6DFHiGIX8DaPIUGz5pbhLTTexr Ewv+YRnHm8YzcScj5wxPXehSm0vAsH+O60pVux37Fzxn5tsR1hVnyZmOM2UbiKMlGr/C eUsw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (no key) header.i=@nerdbynature.de header.s=key1 header.b=XhXAcV6q; dkim=pass header.i=@nerdbynature.de header.s=key0 header.b=H7UmfpeM; spf=pass (google.com: domain of linux-kernel+bounces-16545-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16545-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=nerdbynature.de Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id c17-20020ac87dd1000000b004282727f2e8si7193389qte.129.2024.01.04.02.56.18 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Jan 2024 02:56:18 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-16545-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=neutral (no key) header.i=@nerdbynature.de header.s=key1 header.b=XhXAcV6q; dkim=pass header.i=@nerdbynature.de header.s=key0 header.b=H7UmfpeM; spf=pass (google.com: domain of linux-kernel+bounces-16545-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16545-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=nerdbynature.de Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id EF4DF1C216CD for ; Thu, 4 Jan 2024 10:56:17 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id F2F9F2110E; Thu, 4 Jan 2024 10:55:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=permerror (0-bit key) header.d=nerdbynature.de header.i=@nerdbynature.de header.b="XhXAcV6q"; dkim=pass (2048-bit key) header.d=nerdbynature.de header.i=@nerdbynature.de header.b="H7UmfpeM" X-Original-To: linux-kernel@vger.kernel.org Received: from trent.utfs.org (trent.utfs.org [94.185.90.103]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 562DC20DDF; Thu, 4 Jan 2024 10:55:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nerdbynature.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nerdbynature.de DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=nerdbynature.de; i=@nerdbynature.de; q=dns/txt; s=key1; t=1704365744; h=date : from : to : cc : subject : message-id : mime-version : content-type : from; bh=LtBoXJZU4S2EMXj5t+G2Mf6DrJOQ/owAGiFqMlThCAA=; b=XhXAcV6qnxiuRnDDa2JmX1GYuvGuWw2/5miOPEv2h6+a+8tBPzI0PeNNd1RVho8qZCtiy 1H77RWVwa4UF6kgCw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nerdbynature.de; i=@nerdbynature.de; q=dns/txt; s=key0; t=1704365744; h=date : from : to : cc : subject : message-id : mime-version : content-type : from; bh=LtBoXJZU4S2EMXj5t+G2Mf6DrJOQ/owAGiFqMlThCAA=; b=H7UmfpeMf/A4ItKmV03WY69Jn1ym2CrPWnx8hwQgUrohE1AIqZKp4h5YCGFgPFB71cBc3 uD+QnyaRY5H/KFNIfkBKEQj5x4StnH7dEICH3EWQbGaUr3FEg/HA09IE9ESBHfygL4JQxRA IaTZjY7SXIjh45VzMB/t+HDQ9hvU2ukE+Z/PV8akbFV1CnvKIOcnFSCxk/dOX9qpFYwfcjo LcGTKuDO1MOI/8Xr3OWjhFPUI2cuq0zyCF1bSq+wY/3XoaDyBOjtfuvcWECSfS5VAgSO89B FVovyjItePGm0qCOz8Elix8ljvc+P5Kdi/QaMXOUxI3tvM/mY9AXSU6dhFTg== Received: from localhost (localhost [IPv6:::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by trent.utfs.org (Postfix) with ESMTPS id AA1B75FFB8; Thu, 4 Jan 2024 11:55:44 +0100 (CET) Date: Thu, 4 Jan 2024 11:55:44 +0100 (CET) From: Christian Kujau To: linux-kernel@vger.kernel.org cc: netdev@vger.kernel.org, Dmitry Safonov <0x7f454c46@gmail.com>, Francesco Ruggeri , Salam Noureddine , Dmitry Safonov , David Ahern Subject: syslog spam: TCP segment has incorrect auth options set Message-ID: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Ever since commit 2717b5adea9e ("net/tcp: Add tcp_hash_fail() ratelimited logs") the following is printed, in waves of small floods, to syslog: kernel: TCP: TCP segment has incorrect auth options set for XX.20.239.12.54681->XX.XX.90.103.80 [S] This host is connected to the open internet and serves as a small HTTP and SSH login server, not much traffic is happening here. So I'd assume these messages to be the result of random internet scans and/or fingerprinting attempts or the like. While not really a concern, these messages are flooding the dmesg buffer over time :-( Is there a way to adjust the severity of these messages? * In include/net/tcp.h this gets logged with tcp_hash_fail(), which is * defined in include/net/tcp_ao.h and calls net_info_ratelimited(), which * is in turn defined in include/linux/net.h and calls pr_info(). Can e.g. net_dbg_ratelimited be used instead? Thanks, Christian. -- BOFH excuse #78: Yes, yes, its called a design limitation