Odd tcp error in syslog

  • I have my syslog for pfsense routed to papertrailapp and I keep getting a notification on this error and was wondering if anyone can help me decipher it:

    Mar 26 19:15:42 filterlog: 5,,,1000000103,em0,match,block,in,4,0x0,,238,3891,0,DF,6,tcp,40,,,51727,8291,-4,S,errormsg='[bad hdr length 24 - too long, > 20]',

  • Could be something to do with this:


    Telnet to gives a Mikrotik RouterOS login prompt.

    Might also be related to vt44's thread

  • [2.4.2-RELEASE][admin@pfSense.geek.local]/root: pfctl -vvsr | grep -A3 1000000103
    @5(1000000103) block drop in log inet all label "Default deny rule IPv4"
      [ Evaluations: 666223    Packets: 6750      Bytes: 588103      States: 0    ]
      [ Inserted: pid 15505 State Creations: 0    ]
    @6(1000000104) block drop out log inet all label "Default deny rule IPv4"

Log in to reply