From owner-freebsd-current@FreeBSD.ORG Fri Sep 17 03:00:30 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D348616A4CE; Fri, 17 Sep 2004 03:00:30 +0000 (GMT) Received: from smtpout-1.iphouse.net (smtpout-1.iphouse.net [216.250.188.190]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8855F43D1F; Fri, 17 Sep 2004 03:00:30 +0000 (GMT) (envelope-from veldy@veldy.net) Received: from veldy.net (unknown [209.240.64.129]) by smtpout-1.iphouse.net (Postfix) with ESMTP id B442B10774; Thu, 16 Sep 2004 22:00:29 -0500 (CDT) Received: from localhost (localhost.veldy.net [127.0.0.1]) by veldy.net (Postfix) with ESMTP id 9595826; Thu, 16 Sep 2004 22:00:27 -0500 (CDT) Received: from veldy.net ([127.0.0.1]) by localhost (fuggle.veldy.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 01526-09; Thu, 16 Sep 2004 22:00:18 -0500 (CDT) Received: from [127.0.0.1] (cascade.veldy.net [192.168.1.1]) by veldy.net (Postfix) with ESMTP id 6550821; Thu, 16 Sep 2004 22:00:17 -0500 (CDT) Message-ID: <414A533A.8000009@veldy.net> Date: Thu, 16 Sep 2004 22:00:10 -0500 From: "Thomas T. Veldhouse" User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040803 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-pf@freebsd.org, freebsd-current@freebsd.org X-Enigmail-Version: 0.86.0.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig866F1C8EBADCF0F805A6D9AC" X-Virus-Scanned: by amavisd-new at veldy.net Subject: PF Issue with BETA4 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Sep 2004 03:00:31 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig866F1C8EBADCF0F805A6D9AC Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit It seems that, at least with the PF devices built into the kernel that an issue arises during shutdown. As I was rebooting the server, I noticed that the disks were syncing and yet there was a huge amount of traffic on my router to the Internet. Upon inspection, packets were still passing through the kernel and a large download was still going on through a kernel that should have long ago quite passing traffic! In other words, it appears that the NAT function of PF does not shutdown as it should while the the OS is shutting down. Traffic ceases almost immediately with IPFW and IPFILTER. Thanks, Tom Veldhouse --------------enig866F1C8EBADCF0F805A6D9AC Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFBSlM9ARgTFXYf0wARAhroAJ9ulsb1c0CSLYnpCZOik4Q5x/E3aQCfdXGy SvJ9CtOLICQehUZbyugVn7o= =NYEQ -----END PGP SIGNATURE----- --------------enig866F1C8EBADCF0F805A6D9AC--