Hi,
I have a openbsd pf firewall protecting a web server, I have noticed that
some pages gives me errors when browsing through my site (sometimes it works
sometimes not), then I looked at pf and saw that is blocking a lot of
connectyions, how do I know which connections is blocking?
# pfctl -s info
Status: Enabled for 202 days 23:34:57 Debug: Urgent
Interface Stats for bge0 IPv4 IPv6
Bytes In 1637636412652 1992
Bytes Out 1954253582327 0
Packets In
Passed 6000993286 31
Blocked 125620228 0
Packets Out
Passed 6379190130 0
Blocked 43305301 0
State Table Total Rate
current entries 9656
searches 25855533798 1474.3/s
inserts 2050396787 116.9/s
removals 2050387131 116.9/s
Counters
match 2334111432 133.1/s
bad-offset 0 0.0/s
fragment 64 0.0/s
short 20 0.0/s
normalize 0 0.0/s
memory 240838837 13.7/s
bad-timestamp 0 0.0/s
congestion 118 0.0/s
ip-option 0 0.0/s
proto-cksum 0 0.0/s
state-mismatch 275884 0.0/s
state-insert 33110230 1.9/s
state-limit 0 0.0/s
src-limit 0 0.0/s
synproxy 0 0.0/s
--
View this message in context:
http://old.nabble.com/pf-is-blocking-too-much-connections--tp26339870p26339870.html
Sent from the openbsd - packet filter mailing list archive at Nabble.com.
