Date: Fri, 13 Jul 2007 13:17:33 +0400 From: Alexey Sopov <adler@smtp.ru> To: "Scott Ullrich" <sullrich@gmail.com> Cc: freebsd-stable@freebsd.org Subject: Re[2]: Seems like pf skips some packets. Message-ID: <1626939090.20070713131733@smtp.ru> In-Reply-To: <d5992baf0707120856n31c0480aw6209be33820e3e30@mail.gmail.com> References: <241432407.20070712131014@smtp.ru> <d5992baf0707120856n31c0480aw6209be33820e3e30@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
While thinking about why it happens once in 5 seconds and has only ACK bit
set, I tried to check some timeout variables and found interesting
thing.
These lines are in /etc/pf.conf:
set timeout { tcp.first 120, tcp.opening 30, tcp.established 86400 }
set timeout { tcp.closing 900, tcp.finwait 45, tcp.closed 90 }
And this I get from pfctl -s timeouts:
TIMEOUTS:
tcp.first 30s
tcp.opening 5s
tcp.established 18000s
tcp.closing 60s
tcp.finwait 30s
tcp.closed 30s
tcp.tsdiff 10s
udp.first 60s
udp.single 30s
udp.multiple 60s
icmp.first 20s
icmp.error 10s
other.first 60s
other.single 30s
other.multiple 60s
frag 5s
interval 2s
adaptive.start 0 states
adaptive.end 0 states
src.track 0s
Setting are loaded in pf via /etc/rc.d/pf start
Why do these things differ?
P.S. Sorry for my English.
--
Alexey mailto:adler@smtp.ru
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1626939090.20070713131733>