[ Charset ISO-8859-1 unsupported, converting... ] > Darren Reed wrote: > > Can you identify where these packets go? > > All those I'm interested in are coming from the same machine: they are > cascaded proxies. The one I'm having trouble with is the outside proxy. > The inside proxy is the one from which all connections come, a few of > those are blocked. > However, the same problem happen with many other web sites. > > > pfil stats show anything? > > Where do I find those on Solaris? kstat doesn't show anything?
ndd /dev/pfil qif_status > > ipfstat? > > Nothing obvious to me: > > # ipfstat .. > packet state(in): kept 121296 lost 240 > packet state(out): kept 71694 lost 201 .. > # ipfstat -s > IP states added: .. > 311 maximum .. > The packets blocked are incoming (SYN on an authorized port w/ a "flags > S keep state" rule), or outgoing, on a the same rule, so the state > should allow the outgoing packet. Any chance the above numbers would match the problems your users are seeing in terms of quantity? How should these maximum hits be reported? They are causing a lot of people problems, so it isn't obvious enough... Darren
