From owner-freebsd-pf@FreeBSD.ORG  Mon Jul 12 08:18:44 2010
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D1B63106564A
	for <freebsd-pf@freebsd.org>; Mon, 12 Jul 2010 08:18:44 +0000 (UTC)
	(envelope-from bc979@lafn.org)
Received: from zoom.lafn.org (zoom.lafn.org [206.117.18.8])
	by mx1.freebsd.org (Postfix) with ESMTP id B094F8FC12
	for <freebsd-pf@freebsd.org>; Mon, 12 Jul 2010 08:18:44 +0000 (UTC)
Received: from [10.0.1.4] (pool-71-109-144-133.lsanca.dsl-w.verizon.net
	[71.109.144.133]) (authenticated bits=0)
	by zoom.lafn.org (8.14.3/8.14.2) with ESMTP id o6C8IY0u058918
	(version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO);
	Mon, 12 Jul 2010 01:18:36 -0700 (PDT) (envelope-from bc979@lafn.org)
References: <71E83E87-9849-4963-8260-4473DC931CA2@lafn.org>
	<EA284544-F36C-41F0-A233-14F529D6837A@elvandar.org>
	<746C7B18-9A4C-4B79-8396-9161660EEF61@lafn.org>
	<46af4cb6a759a1c232b9dd63997334aa.squirrel@www.jr-hosting.nl>
	<E495806E-A05C-4F13-BE42-131A1F0D788B@lafn.org>
	<20100712065214.GA20464@insomnia.benzedrine.cx>
In-Reply-To: <20100712065214.GA20464@insomnia.benzedrine.cx>
Mime-Version: 1.0 (Apple Message framework v1081)
Content-Type: text/plain; charset=us-ascii
Message-Id: <EC327EA0-F60E-46A8-92A4-BB87CB95CC1F@lafn.org>
Content-Transfer-Encoding: quoted-printable
From: Doug Hardie <bc979@lafn.org>
Date: Mon, 12 Jul 2010 01:18:33 -0700
To: Daniel Hartmeier <daniel@benzedrine.cx>
X-Mailer: Apple Mail (2.1081)
X-Virus-Scanned: clamav-milter 0.95.3 at zoom.lafn.org
X-Virus-Status: Clean
Cc: freebsd-pf@freebsd.org
Subject: Re: Interpreting Logs
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Jul 2010 08:18:44 -0000


On 11 July 2010, at 23:52, Daniel Hartmeier wrote:

> On Sun, Jul 11, 2010 at 11:20:42PM -0700, Doug Hardie wrote:
>=20
>> I am trying to understand what pf is trying to tell me.  Its =
generating those messages for a reason.  The volume of them depends on =
how many rules have log in them and how often they are invoked. =20
>=20
> Some explanations can be found in
>=20
>  http://www.undeadly.org/cgi?action=3Darticle&sid=3D20060928081238
>=20
> search for "BAD state" in the text.

Thanks.  That is really helpful in understanding how pf really works.  I =
will have to dig through it in more detail.  Is there anything else =
written on the other messages?=