I've read tons of posts about this, but none of them have an actual answer.
We have 3 machines; one (not in our care) balances load to the other two. The first one is working correctly with FreeBSD, the other one was recently formatted and is now using Ubuntu Server.
The second machine is currently leaving all connections on SYN_RECV for no apparent reason. Both machines have no firewall.
dmesg shows the Possible SYN Flood attack but we know it is not the case.
What could be wrong? Is there some kernel configuration I must do? Does Ubuntu have some known issue with this?
Thanks
Edit: I found a rule on the PF of the BSD machine, I'm not sure but it should be related to this problem.
pass in log on bce1 proto tcp from <nois> to any port = http flags S/SA keep state (max 2000, source-track rule, max-src-states 120, max-src-conn 80, adaptive.start 1200, adaptive.end 2400)
It basically keeps state of SYN SYNACK flag packages... does anyone know how to translate this to IPTABLES?
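
A triage check for the symptom described above, as an added example that is not part of the original post: it counts half-open (SYN_RECV) sockets per remote address from `/proc/net/tcp`, which shows whether they come from many sources or from a single peer such as the balancer. The sample table, the addresses in it, and the function names are constructed for illustration; the decoder assumes IPv4 and a little-endian host.

```python
import socket
import struct
from collections import Counter

SYN_RECV = "03"  # TCP_SYN_RECV in the "st" column of /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (trailing columns omitted).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue
   0: 0A00000A:0050 0500000A:C350 03 00000000:00000000
   1: 0A00000A:0050 0500000A:C351 03 00000000:00000000
   2: 0A00000A:0050 0500000A:C352 03 00000000:00000000
   3: 0A00000A:0050 0700000A:9C40 01 00000000:00000000
   4: 0A00000A:0016 0900000A:D431 01 00000000:00000000
   5: 00000000:0050 00000000:0000 0A 00000000:00000000
"""

def decode_addr(field):
    """Turn 'HEXIP:HEXPORT' into (dotted_ip, port); assumes a little-endian host."""
    hex_ip, hex_port = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)

def syn_recv_by_peer(table_text, local_port=80):
    """Count SYN_RECV sockets on local_port, grouped by remote IP."""
    counts = Counter()
    for line in table_text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 4 or cols[3] != SYN_RECV:
            continue
        _, lport = decode_addr(cols[1])
        peer_ip, _ = decode_addr(cols[2])
        if lport == local_port:
            counts[peer_ip] += 1
    return counts

def dominant_peer(counts, share=0.9):
    """Return the peer holding at least `share` of half-open sockets, else None."""
    total = sum(counts.values())
    if total == 0:
        return None
    ip, n = counts.most_common(1)[0]
    return ip if n / total >= share else None

if __name__ == "__main__":
    # On a live host, pass open("/proc/net/tcp").read() instead of SAMPLE.
    counts = syn_recv_by_peer(SAMPLE)
    print(counts.most_common(10), "dominant:", dominant_peer(counts))
```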