Date: Fri, 17 Sep 2004 11:13:57 +0200 From: Max Laier <max@love2party.net> To: freebsd-pf@freebsd.org Subject: Re: PF Issue with BETA4 Message-ID: <200409171114.05717.max@love2party.net> In-Reply-To: <414A533A.8000009@veldy.net> References: <414A533A.8000009@veldy.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart1259786.cHlA3KVM1K Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Friday 17 September 2004 05:00, Thomas T. Veldhouse wrote: > It seems that, at least with the PF devices built into the kernel that > an issue arises during shutdown. As I was rebooting the server, I > noticed that the disks were syncing and yet there was a huge amount of > traffic on my router to the Internet. Upon inspection, packets were > still passing through the kernel and a large download was still going on > through a kernel that should have long ago quite passing traffic! In > other words, it appears that the NAT function of PF does not shutdown as > it should while the the OS is shutting down. Traffic ceases almost > immediately with IPFW and IPFILTER. Hmmm? So you are saying that staying up as long as possible is an error? I= =20 don't quite see the point in shutting down early. If you still want to, you= =20 can script it somewhere. "echo block all | pfctl -Fa -f-" =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --nextPart1259786.cHlA3KVM1K Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQBBSqrdXyyEoT62BG0RAuPBAJ9zx7M22Ux7IfP7+LqTmU2t3bzZ6ACfYPOZ iI3r0FAasfFxZSvtiQpStzc= =ix7O -----END PGP SIGNATURE----- --nextPart1259786.cHlA3KVM1K--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200409171114.05717.max>