On Mon, 6 Feb 2012 12:27:08 +0000 Mark Lumsden <m...@cyodesigns.com> wrote:
> On 06 February 2012 at 10:53 Mark Lumsden <m...@showcomplex.com>
> wrote:
>
> > >On 2012/02/06 00:21, Bryan Steele wrote:
> > >> On Mon, Feb 06, 2012 at 04:47:45AM +0000, Mark Lumsden wrote:
> > >> > There is a CAVEAT section in the man page that should also be
> > >> > amended, I suspect.
> > >>
> > >> Heh, whoops. :)
> > >>
> > >> > Although useless on the initiating machine, is it of any use to
> > >> > be able to scan a range of UDP ports, for diagnostic reasons,
> > >> > and to see what is received (or not) on the receiving machine?
> > >> > As in, can anything be inferred from the opens reaching (or not)
> > >> > the scanned machine?
> > >>
> > >> From what I can tell, no traffic is actually generated on the
> > >> initiating machine.. nothing in tcpdump anyway.
> > >
> > >Traffic is generated for me, but it's inconsistent, if I try
> > >'nc -z -u somehost 1-65535' sometimes I get 10K ports, sometimes
> > >a few hundred. Haven't seen the full set.
> > >
> > >
> >
> > The source code has a comment in udptest() in netcat.c about this
> > problem.
> >
>
> Actually, I notice from systat that the maximum connections in the
> [states] screen goes up to 10,000 (e.g. if you use a range of 1-50000)
> then no more UDP packets can be sent until some of the existing ones
> start timing out at 60+seconds. Then, if you reissue the command, as
> you reach 10,000 again no more UDP packets are sent. So looks like
> the maximum connections is a PF limitation. When PF is switched off
> the number increases.

did you try the following, pf.conf:
set limit states 25000
?

--
With best regards,
Gregory Edigarov