I have a FreeBSD 10.3 box running as a VM on VMWare ESXi. It's just a personal server that hasn't been touched in several years. It runs Apache 2.4, Postfix 3.3.1 and sshd. For whatever reason, attempts to connect to Apache started failing. The cause is that FreeBSD is sending a RST packet back after a client sends the inital SYN packet. Apache is running and there are no errors in the Apache logs. It seems like the RST is being produced by FreeBSD OS. I do not have any firewall software running on this FreeBSD box and the client is on the same network. No firewall is between them. Here's the network diagram:
I can see the server is listening:
And here is the tcpdump output showing the RST being sent immediately:
I am at a loss as to what is causing this behavior. Any suggestions of things to check would be greatly appreciated.
Cheers,
Drew
I can see the server is listening:
Code:
# sockstat -4l
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
www httpd 82132 3 tcp4 *:80 *:*
www httpd 82131 3 tcp4 *:80 *:*
root httpd 82130 3 tcp4 *:80 *:*
And here is the tcpdump output showing the RST being sent immediately:
Code:
# tcpdump -v host 192.168.1.14
tcpdump: listening on em0, link-type EN10MB (Ethernet), capture size 65535 bytes
16:18:44.022326 IP (tos 0x0, ttl 128, id 11601, offset 0, flags [DF], proto TCP (6), length 52)
tagalong-ii.mykitchentable.net.25684 > blacklamb.mykitchentable.net.http: Flags , cksum 0x8026 (correct), seq 3837723177, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
16:18:44.022455 IP (tos 0x0, ttl 64, id 50584, offset 0, flags [DF], proto TCP (6), length 40)
blacklamb.mykitchentable.net.http > tagalong-ii.mykitchentable.net.25684: Flags [R.], cksum 0x837d (incorrect -> 0xe0df), seq 0, ack 3837723178, win 0, length 0
Cheers,
Drew
Last edited: