On 2007/09/27 10:16, Reza Muhammad wrote: > Here's the log: Can's suggestion to block the incoming packets on sis0 is good.
The problem is caused because you receive a lot of junk traffic from your ISP's network. Since OpenBSD 4.1, PF uses 'keep state' by default (this avoids some problems with common rulesets and TCP window scaling) and this is causing a lot of unnecessary states to be created. So I guess before you upgraded, you used a version from before 4.1. > and there's still more. I noticed that the traffic coming in > from 192.168.*.* aren't from my local network. It looks like your ISP has many subnets running over the same physical network.
