On Aug 29, 2009, at 12:35 PM, Matthew Toseland wrote:
Any thoughts? The original poster thinks this is an attack, and NAT
problems seem unlikely given that the packets on the different port
are all at the same time. Also for the same reason it is unlikely
that it is a harvesting attempt - they would be spread out over a
long period.
From: Toni Bergman <[email protected]>
Date: July 30, 2009 7:12:05 AM CDT
To: [email protected]
Subject: [freenet-support] Part 2: Probably a bug: please report: 1
peers forcibly disconnected due to not acknowledging packets.
Reply-To: [email protected]
Hi, I got this error again, but this time I got more info about it
Probably a bug: please report: 1 peers forcibly disconnected due to
not acknowledging packets.
1 of your peers are having severe problems (not acknowledging
packets even after 10 minutes). This is probably due to a bug in the
code. Please report it to us at the bug tracker at https://bugs.freenetproject.org/
or to the support mailing list [email protected]. Please
include this message and what version of the node you are running.
The affected peers (you may not want to include this in your bug
report if they are darknet peers) are:
* 165.154.46.119:34072
Versio info
* Freenet 0.7.5 Build #1223 build01223-real
* Freenet-ext Build #26 r23771
My machine: modern gaming specs win xp pro, direct connection.
Here's the extra info, it seems that peer is trying to attack my
node and probably many others. Switching it's port and trying to
connect again. Since opennet by default won't allow more than 1
connection per IP, I don't see the point.. Maybe it's giving me some
false info in order to confuse my node. Here's what I found at my
CONNECTIVITY - stats page. I removed all but the 1 attacking ip
address so it's clearer to view.
Packets for UDP Opennet port 7464 by port - Maybe port forwarded
(minimum tunnel lifetime 5h31m)
Address Sent/received packets Local/remote Startup to first
send Online to first receive
62.202.36.197:25164 1/ 1 REMOTE 3h12m 3h12m
3h12m @ 2h23m ago
62.202.36.197:25163 4/ 2 REMOTE 3h12m 3h12m
3h12m @ 2h23m ago
62.202.36.197:25165 5/ 2 REMOTE 3h12m 3h12m
3h12m @ 2h23m ago
62.202.36.197:25168 1/ 1 REMOTE 3h12m 3h12m
3h12m @ 2h23m ago
62.202.36.197:25167 3/ 2 REMOTE 3h12m 3h12m
3h12m @ 2h23m ago
62.202.36.197:25170 2/ 1 REMOTE 3h12m 3h12m
3h12m @ 2h23m ago
62.202.36.197:25169 3/ 2 REMOTE 3h12m 3h12m
3h12m @ 2h23m ago
As I understand it these port numbers are on the remote side; the
peer's open port, not the local node... so I'm not sure I would label
this as any spamming/flooding, etc.
If anything, it seems consistent with a faulty peer (maybe a devel
doing networking experiments), or a networking bug which makes the
node in question not able to keep a consistent UDP port. Quite likely
it is also inserting arp changes into freenet along with the port
changes.
The 'not acknowledging packets' also jives with this, as if the peer
keeps moving ports, we'll be sending a lot of packets to such a port
that nobody is listening.
Surely benign to the reporting node, 62.202.36.197 on the other
hand... probably isn't working at all.
--
Robert Hailey
_______________________________________________
Devl mailing list
[email protected]
http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
