From owner-freebsd-questions@FreeBSD.ORG Fri Oct 19 14:20:18 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 822C716A420 for ; Fri, 19 Oct 2007 14:20:18 +0000 (UTC) (envelope-from budiyt@gmail.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.181]) by mx1.freebsd.org (Postfix) with ESMTP id 463FA13C46E for ; Fri, 19 Oct 2007 14:20:17 +0000 (UTC) (envelope-from budiyt@gmail.com) Received: by py-out-1112.google.com with SMTP id u77so1046587pyb for ; Fri, 19 Oct 2007 07:20:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=DEVtEvY9MPvPnOqXVHUWPsUysxmMMMBCndnWHt2jBQU=; b=DpV35+MxQ7JxB5o/JWGT7DwdruwPjoXowhVin4NH1kdgO4WW9RIcqtsqPwJ2Bp6oSUu6a3PIrXTHic4zof/WiAhP4Cy6zk5/s8PTMGcLrO21V5/q/DoyAdzsuz6H9Qxb+IjguDDmA4XJ1y+RdSmC3ZzfSg32YMyWnx6lZFNz1cU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=ZrZ3KxK+sFjRMbmCZAtAg8BzIrdO3VZtSBDukdtB6afM65rWXQ2vo0D/XgZ17ra33LHt19AxUPIwUUHcYoNt2GBvfwDh1a0q1ClJUHGHfNrUugVQcAVTg6kqq74vufyF46ax76spnkQ2a+Qtd5hhchYTPm7a5CzEAm6NSo07pFc= Received: by 10.65.135.19 with SMTP id m19mr3449586qbn.1192802026761; Fri, 19 Oct 2007 06:53:46 -0700 (PDT) Received: by 10.65.61.6 with HTTP; Fri, 19 Oct 2007 06:53:46 -0700 (PDT) Message-ID: <4d4dc3640710190653m7ba7731bo6d494f3f8a6a8c31@mail.gmail.com> Date: Fri, 19 Oct 2007 20:53:46 +0700 From: budsz To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: Strange problem of ipfilter X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Oct 2007 14:20:18 -0000 Hallo, I got strange problem ipfilter on FreeBSD 6.2-STABLE. After uptime my machine running 7 days until 10 days, I can't access DNS, sometime SSH, and etc, to my box, but this happen randomly. For example I've rule like this: # SSH pass in quick on rl0 proto tcp from 192.168.0.0/24 to 192.168.0.100/32 port = 22 keep state # DNS pass in quick proto udp from 192.168.0.0/24 to 192.168.0.100/32 port = 53 keep state Whereis: 192.168.0.0/24 my client block ip, 192.168.0.200/32 ip box running ipfilter. I try to create rule: pass in all pass out all Then reload ipfilter rule. Or I try to restart my machine with my default rule. So everything gone be alright. FYI, I use: root:~# ipf -V ipf: IP Filter: v4.1.13 (416) Kernel: IP Filter: v4.1.13 Running: yes Log Flags: 0 = none set Default: block all, Logging: available Active list: 0 Feature mask: 0xa root:~# uname -srm FreeBSD 6.2-STABLE i386 I do compile ipfilter with default block in kernel configuration. This night I'll try to make world my FreeBSD box and I hope FreeBSD's commiter already revision with this bug. Would you give some clue to fix this problem. Thanks you for your help. TIA -- budsz