Re: Problem with stateful inspection and rsh.

2003-12-17 Thread loic
Daniel Hartmeier <[EMAIL PROTECTED]> writes:

> Try lowering the tcp.closed timeout for these state entries, so the
> first state is removed earlier. The default is 90 seconds (so late
> packets are associated with the state entry for 90 seconds after the
> connection has been closed). You can redu

Re: Problem with stateful inspection and rsh.

2003-12-17 Thread Ed White
On Tuesday 16 December 2003 18:41, [EMAIL PROTECTED] wrote:

> This box is loaded with 23 interfaces (3 quad intel, 1 dual fiber
> intel, and 2 quad dlink plus one em onboard).

Is it your xmas tree? ;-D

Merry Xmas
Ed

Re: Problem with stateful inspection and rsh.

2003-12-17 Thread Daniel Hartmeier
On Wed, Dec 17, 2003 at 09:48:46AM +0100, [EMAIL PROTECTED] wrote:

> Yes, that is the problem; I get BAD State with the misc debug. How come
> this violates TCP?

The more obvious rule is that two concurrent TCP connections cannot use the same source/destination address/port pair at the same time, a

Re: Problem with stateful inspection and rsh.

2003-12-17 Thread loic
Daniel Hartmeier <[EMAIL PROTECTED]> writes:

[...]

>
> Sounds like the source/destination address/port pair is reused before
> the state is removed. For instance, if the first connection uses
> 10.1.2.3:789 <-> 10.2.3.4:514, the client is not allowed to reuse source
> port 789 before 2MSL (about

Re: Problem with stateful inspection and rsh.

2003-12-16 Thread Daniel Hartmeier
On Tue, Dec 16, 2003 at 06:41:55PM +0100, [EMAIL PROTECTED] wrote:

> from my debugging, the first connection (which works) goes from one
> interface to pf then to the outbound interface (keep state makes the
> return).
>
> and then with tcpdump on the $int_client I see the other connection
> (the

Problem with stateful inspection and rsh.

2003-12-16 Thread loic
Hi,

Something weird is happening to one of my firewalls running OPENBSD_3_4. This box is loaded with 23 interfaces (3 quad intel, 1 dual fiber intel, and 2 quad dlink plus one em onboard). The problem is that we use rsh on the internal network to connect for different reasons, and with a (keep|mod