Hello,
On Tue, Jul 04, 2023 at 11:22:34AM +0300, Kapetanakis Giannis wrote:
> Hello,
>
> I will try your diff, but since I have to completely turn off mail service it
> might take a while.
>
> Meanwhile, just a wild guess from my side, although I'm not a dev:
>
> It seems to me that a table is being removed, specifically the table that has
> the hosts for the redirect. It's like after some active sessions expire
> (1-2min delay), the table is being removed like it's not persistent. Why did
> the table was removed on the first place? Maybe because there was no active
> host inside that table (table empty).
'why table got removed?' is the right question. the tables are being
removed by kill_tables() function in pfe_filter.c. The function itself is
being called on behalf of flush_rulesets(), which is called by
pfe_shutdown().
also remember logs you've captured cleanly indicate we are on shutdown road.
so there is a next question: how relayd process got to its shutdown path?
also the relayd which exits: does it run on primary firewall or on secondary
one?
thanks and
regards
sashan
