Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#1241 - firewall: Enabling logging for the WAN zone causes excessive "MSSFIX" log spam #6507

Closed
openwrt-bot opened this issue Dec 22, 2017 · 2 comments
Labels

Comments

@openwrt-bot
Copy link

silentcreek:

When I enable logging of rejected/dropped packages on my WAN zone via the UCI option "log", the system log get's spammed with thousands of MSSFIX messages in just a few hours. The messages look like these (IP and MAC addresses redacted):
Fri Dec 22 22:43:55 2017 kern.warn kernel: [37622.753479] MSSFIX(wan): IN=br-lan OUT=eth0 MAC= SRC= DST= LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=37548 DF PROTO=TCP SPT=57454 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0
Fri Dec 22 22:44:05 2017 kern.warn kernel: [37632.021289] MSSFIX(wan): IN=br-lan OUT=eth0 MAC= SRC= DST= LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=20338 DF PROTO=TCP SPT=57455 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0
Fri Dec 22 22:44:05 2017 kern.warn kernel: [37632.078328] MSSFIX(wan): IN=br-lan OUT=eth0 MAC= SRC= DST= LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=11712 DF PROTO=TCP SPT=57456 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0
Fri Dec 22 22:44:11 2017 kern.warn kernel: [37638.223127] MSSFIX(wan): IN=br-lan OUT=eth0 MAC= SRC= DST= LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=28644 DF PROTO=TCP SPT=52576 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0

The documentation suggests that the option log would only log rejected and dropped packages, which is what I'm interested in. I don't need the MSSFIX messages.

My WAN zone has masquerading as well as the option "mtu_fix" enabled (by default). The "mtu_fix" option seems to cause these messages. Apparently, this has been an issue in OpenWrt a long time ago, was then fixed and somehow got reintroduced? See ticket [1]

How can I enabled logging but not log the useless MSSFIX messages?

Thank you!

[1] https://dev.openwrt.org/ticket/10681

P.S.: I'm using LEDE 17.01.4 on a TP-Link Archer C7 V2.

@openwrt-bot
Copy link
Author

linuxonlinehelp:

I agree, my Routers logs mssfix too.

found this
but had no time to check..
https://dev.archive.openwrt.org/ticket/10681

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant