D-Link Forums

The Graveyard - Products No Longer Supported => Routers / COVR => DIR-825 => Topic started by: Raz0r-B on December 10, 2009, 12:34:36 PM

Title: SPI problems how to solve ?
Post by: Raz0r-B on December 10, 2009, 12:34:36 PM

Since i installed this latest firmware for my router
http://forums.dlink.com/index.php?topic=9234.0

I have a router log full of this:

Quote

Oct 20 16:02:48     notice     Blocked incoming TCP Ack packet from 1.1.1.1:52222 to 2.2.2.2:53460 with unexpected sequence
Oct 20 16:02:22     notice     Blocked incoming TCP Ack packet from 1.1.1.1:52222 to 2.2.2.2:53460 with unexpected sequence
Oct 20 16:02:11     notice     Blocked incoming TCP Ack packet from 1.1.1.1:52222 to 2.2.2.2:53520 with unexpected sequence
Oct 20 16:02:10     notice     Blocked incoming TCP Ack packet from 1.1.1.1:52222 to 2.2.2.2:53416 with unexpected sequence
Oct 20 16:02:09     notice     Blocked incoming TCP Ack packet from 1.1.1.1:52222 to 2.2.2.2:53460 with unexpected sequence

I know this traffic can be trusted but how to filter this as allowd traffic?

I know i can disable SPI but that is the easy way.

Title: Re: SPI problems how to solve ?
Post by: th on December 10, 2009, 12:46:44 PM

Quote from: Raz0r-B on December 10, 2009, 12:34:36 PM

I know i can disable SPI but that is the easy way.

disbling SPI did not help in my case. the disconnects after 8min (irc, skype & co) still happened, even with all special router features disabled.

Title: Re: SPI problems how to solve ?
Post by: hachi on December 23, 2009, 05:41:03 PM

just set up an inbound filter to allow that address:

http://192.168.0.1/Advanced/Inbound_Filter.shtml

but you might still need to forward the ip to whatever you want them to reach, because depending on your nat settings it might get blocked anyway, if they have no previously open connection that makes sense to the nat table.