Date: Sat, 27 Jan 2001 10:58:40 -0500 (EST) From: Wesley Morgan <morganw@chemikals.org> To: <freebsd-stable@freebsd.org> Cc: <ipfilter@coombs.anu.edu.au> Subject: weirdness on freebsd-stable Message-ID: <Pine.BSF.4.31.0101270940050.98409-100000@volatile.chemikals.org>
next in thread | raw e-mail | index | archive | help
I have 2 boxes running -stable and I am seeing very very weird behavior.
ipfilter suddenly decides that the current rules are nuts and won't allow
any outbound connections. After much frustration and moving around of
rules, I managed to get it working on one machine... Only to suddenly see
that a few days later now inbound connections are not allowed! The second
machine today began to deny the outbound connections and is exhibiting the
identical behavior as the first.
I think I have narrowed it down to some problem with state. The original
failed machine will allow a connection to be negotiated (flags S) but no
further packets. Removal of the 'flags S' parameter on all rules appears
to fix the problem. Upgrading to the latest ipfilter does not seem to fix
it.
What on earth could this be? My world and kernel are not currently in
sync (except for ipfilter) but how can that effect the firewall?
--
_ __ ___ ____ ___ ___ ___
Wesley N Morgan _ __ ___ | _ ) __| \
morganw@chemikals.org _ __ | _ \._ \ |) |
FreeBSD: The Power To Serve _ |___/___/___/
6bone: 3ffe:1ce3:7::b4ff:fe53:c297
Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.31.0101270940050.98409-100000>