From: Ben Lovett
To: stable@freebsd.org
Date: Sun, 10 Feb 2002 19:50:04 -0800
Subject: Re: IPF dropping packets randomly
Message-ID: <20020210195004.A1040@bsdguru.com>

I believe Ben Lovett (blovett@bsdguru.com) scribbled this:
> I believe Evgueni V. Gavrilov (admin@rshb.com.ru) scribbled this:
> > Ben Lovett wrote:
> >
> > >I have made my ruleset available at
> > >http://www.tilderoot.com/~blovett/laptop/ipf.rules
> > >
> > ipmon's log would be fine
> >
> > --
> > VAMPIRO-RIPN
>
> After doing some more looking around, I discovered that my state table
> was full at those points in time. I also find it peculiar that
> connections to, for example, an IRC server after being closed are set to
> a TTL of 1 minute, while SSH sessions disappear from the state listing
> entirely, only to time out 2 hours later (or so it appears). Once a
> connection is closed, how does IPF determine how long to leave an entry
> in the state table for? Is it based on the TTL of a packet finalizing
> the close of the connection?

Well, don't I feel like a fool now. That's what I get for not reading
ipfstat(8) ... I see that I can use -C with -t to see closed states.

With regard to why my state table was filling up, I had been running
some bandwidth benchmarks using ttcp, and it seems that they do not
properly close the connection. That would be what was filling up my
state table because ~700 states were created each time I ran the
benchmark.

Regards,
-- 
Ben Lovett
All true wisdom is found on T-shirts.