Fresh news.
I've noticed all unblocked packets have tcp window suggestion set to 0
(zero). I tried to block these packets on external interface:
~>sudo ipfw add 10 deny log tcp from 192.168.0.0/16 to any via external out
tcpwin 0
This rule is the first rule in ipfw.
Then I looked for such packe
>> Setting are loaded in pf via /etc/rc.d/pf start
>>
>> Why do these things differ?
EC> These are the timeout settings for "set optimization aggressive". If
EC> it appears after your set timeout lines, then it will take
EC> precedence. If this doesn't appear within your pf.conf, then this
EC>
While thinking about why it happens once in 5 seconds and has only ACK bit
set, I tried to check some timeout variables and found interesting
thing.
These lines are in /etc/pf.conf:
set timeout { tcp.first 120, tcp.opening 30, tcp.established 86400 }
set timeout { tcp.closing 900, tcp.finwait 45,
>> Why these packets weren't translated by pf nat rules or filtered by pf
>> block rule?
>>
>> Note they appear once in five seconds. Tried to modify frag parameter,
>> but this didn't help. Also I noticed they all have ACK bit set.
>>
>> Thank you.
SU> What is the date of your build (uname -a).
Hi
On my machine with FreeBSD 6.2-STABLE #4 I noticed there are
outgoing packets from net 192.168.0.0/16 on external interface
Some details:
Here 1 < a,b,c,d,e,f < 254
~> ifconfig internal
internal: flags=8843 mtu 1500
options=4b
inet 192.168.0.1 netmask 0xff00 b
>> #16 0xc0539c1c in ithread_execute_handlers ()
>> #17 0xc0539d66 in ithread_loop ()
>> #18 0xc053878f in fork_exit ()
>> #19 0xc06ec18c in fork_trampoline ()
XL> I think this was a fatal trap 12 and you may want to try if updating to
XL> 6.2-STABLE helps. There was some important related fixes
Hi
Yesterday and today I've got this fatal trap
(kgdb) kldsyms
add symbol table from file
"/usr/obj/usr/src/sys/router/modules/usr/src/sys/modules/netgraph/ether/ng_ether.ko.debug"
at
.text_addr = 0xc77b20a0
.data_addr = 0xc77b4260
.bss_addr = 0xc77b436c
(kgdb) bt
#0 0x
Hi!
Yesterday I've updated my FreeBSD 6.0-RELEASE + mpd-4.0b4 up to
FreeBSD 6.2-RELEASE + mpd-4.1. And today I have a Fatal Trap.
Could you please help me to figure out what the problem consists in?
I folowed instructions described in handbook:
[intel][root]~# kgdb /usr/obj/usr/src/sys/router
Hi!
Yesterday I've updated my FreeBSD 6.0-RELEASE + mpd-4.0b4 up to
FreeBSD 6.2-RELEASE + mpd-4.1. And today I have a Fatal Trap.
Could you please help me to figure out what the problem consists in?
I folowed instructions described in handbook:
[intel][root]~# kgdb /usr/obj/usr/src/sys/router
DOC> I don't know if this will help, but mpd4 is the development version--I'd
DOC> try mpd 3 (/usr/ports/net/mpd). I'm using it for a VPN server on FBSD
DOC> 6.0, without any troubles...
The problem was solved. There was a tunnel loop.
With 400+ users mpd4 works much better than mpd3.18
--
[ /
I have installed a FreeBSD 5.4-RELEASE router, with mpd4 (for pptp
clients) and with ng_netflow for traffic collecting, the machine also
performs NAT be means of pfnat.
But my machine occasionally freezes. It does not respond to echo
requests over ethernet and it even does not respond to keyboard.
11 matches
Mail list logo
