Date: Sun, 10 Feb 2002 19:50:04 -0800 From: Ben Lovett <blovett@bsdguru.com> To: stable@freebsd.org Subject: Re: IPF dropping packets randomly Message-ID: <20020210195004.A1040@bsdguru.com> In-Reply-To: <20020209092201.A64202@bsdguru.com>; from blovett@bsdguru.com on Sat, Feb 09, 2002 at 09:22:01AM -0800 References: <20020208100752.A13206@bsdguru.com> <3C64B5D9.1060306@rshb.com.ru> <20020209092201.A64202@bsdguru.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I believe Ben Lovett (blovett@bsdguru.com) scribbled this: > I believe Evgueni V. Gavrilov (admin@rshb.com.ru) scribbled this: > > Ben Lovett wrote: > > > > >I have made my ruleset available at > > >http://www.tilderoot.com/~blovett/laptop/ipf.rules > > > > > ipmon's log would be fine > > > > -- > > VAMPIRO-RIPN > > After doing some more looking around, I discovered that my state table > was full at those points in time. I also find it peculiar that > connections to, for example, a IRC server after being closed are set to > a TTL of 1 minute, while SSH sessions disappear from the state listing > entirely, only to time out 2 hours later (or so it appears). Once a > connection is closed, how does IPF determine how long to leave an entry > in the state table for? Is it based on the TTL of a packet finalizing > the close of the connection? Well, don't I feel like a fool now. Thats what I get for not reading ipfstat(8) ... I see that I can use -C with -t to see closed states. With regards to why my state table was filling up, i had been running some bandwidth benchmarks using ttcp, and it seems that they do not properly close the connection. That would be what was filling up my state table because ~700 states were created each time I ran the benchmark. Regards, -- Ben Lovett <blovett@bsdguru.com> -------------------------------------------------------------------------- All true wisdom is found on T-shirts. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020210195004.A1040>