From owner-freebsd-questions Thu Jan 24 15: 7:49 2002 Delivered-To: freebsd-questions@freebsd.org Received: from green.csi.cam.ac.uk (green.csi.cam.ac.uk [131.111.8.57]) by hub.freebsd.org (Postfix) with ESMTP id 708A837B404 for ; Thu, 24 Jan 2002 15:07:07 -0800 (PST) Received: from [127.0.0.1] (helo=localhost ident=root) by green.csi.cam.ac.uk with esmtp (Exim 3.22 #1) id 16TsxR-0005N9-00; Thu, 24 Jan 2002 23:07:01 +0000 Date: Thu, 24 Jan 2002 23:06:52 +0000 From: AMAKAWA Shuhei To: "Mario Doria" Cc: , Subject: Re: IPF Dropping connections in the middle of a transfer In-Reply-To: <003b01c1a48e$39fabed0$0a00a8c0@Deathstar> References: <003b01c1a48e$39fabed0$0a00a8c0@Deathstar> MIME-Version: 1.0 (generated by SEMI 1.14.3 - "Ushinoya") Content-Type: text/plain; charset=US-ASCII Message-Id: Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At Wed, 23 Jan 2002 22:18:47 -0600, Mario Doria wrote: > > Hello, > > I'm looking for some help regarding my IPFilter ruleset, as far as I can > tell, it looks OK. The problem is that some remote users when transfering > files with sftp suddenly lose the connection to the server. Other cases are > where tranfering files via FTP (using windows client leechFTP), the > connection times out randomly (always before the timeout in leechFTP). On > both ocations, I haven't been able to reproduce the problem. > > I hope someone can shed some light into this! > > Thanks, > > Mario Doria > madd@tecdigital.net I started to see probably the same problem since November 2001 or something. I suspect some recent change in the FreeBSD tcp code is affecting IP Filter's stateful inspection. sysctl net.inet.tcp.recvspace=32768 mitigates the problem somewhat (default is 65536). (I didn't look at your rules.) -- Shuhei To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message