Date: Thu, 27 Jul 2006 21:57:58 -0400 From: Garance A Drosihn <drosih@rpi.edu> To: freebsd-stable@freebsd.org Subject: Re: Weird problems with 'pf' (on both 5.x and 6.x) Message-ID: <p0623092ac0ef1e9c5970@[128.113.24.47]> In-Reply-To: <p06230929c0ef1457f11c@[128.113.24.47]> References: <p06230928c0ef06a3bafe@[128.113.24.47]> <p06230929c0ef1457f11c@[128.113.24.47]>
next in thread | previous in thread | raw e-mail | index | archive | help
At 9:18 PM -0400 7/27/06, Garance A Drosihn wrote:
>At 9:07 PM -0400 7/27/06, Garance A Drosihn wrote:
>>
>>But if I restart pf after adding these lines to pf.conf:
>>
>> # Allow all outgoing tcp and udp connections and keep state
>> pass out quick proto { tcp, udp } all keep state
>>
>>then I have the problem where the second 'lpq' from a remote
>>host will hang, if it is done right after the first one.
>
>The client-machine which is doing the lpq is a solaris
>machine, so here is the 'snoop' output from that side
>of things.
It occurred to me that it might be more informative to
see the transaction from the *freebsd* side of things,
since that's the machine running pf! So, here is a
similar set of two lpq's, as seen from the print-server
side of the connection. It seems to be telling the
same basic story, as far as I can tell.
<aside>
But if there is a bug somewhere, then might it
be that the same bug which effects 'pf' would
also confuse what tcpdump would report, when
running tcpdump on the same machine?
</aside>
(316) santropez/root # tcpdump -vvvvX -r
/tmp/gadchecks/all-060727.212311 host lpq-client
reading from file /tmp/gadchecks/all-060727.212311, link-type EN10MB (Ethernet)
21:23:32.175093 IP (tos 0x0, ttl 63, id 53775, offset 0, flags [DF],
proto: TCP (6), length: 48) lpq-client.1023 > print-serv.printer: S,
cksum 0x6b2c (correct), 2119630748:2119630748(0) win 24820
<nop,nop,sackOK,mss 1460>
0x0000: 4500 0030 d20f 4000 3f06 36af 8071 1985 E..0..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e56 ff9c 0000 0000 .q......~V......
0x0020: 7002 60f4 6b2c 0000 0101 0402 0204 05b4 p.`.k,..........
21:23:32.175205 IP (tos 0x0, ttl 64, id 4488, offset 0, flags [DF],
proto: TCP (6), length: 48) print-serv.printer > lpq-client.1023: S,
cksum 0x0bfa (correct), 2140553600:2140553600(0) ack 2119630749 win
65535 <mss 1460,sackOK,eol>
0x0000: 4500 0030 1188 4000 4006 f636 8071 18a2 E..0..@.@..6.q..
0x0010: 8071 1985 0203 03ff 7f96 4180 7e56 ff9d .q........A.~V..
0x0020: 7012 ffff 0bfa 0000 0204 05b4 0402 0000 p...............
21:23:32.175787 IP (tos 0x0, ttl 63, id 53776, offset 0, flags [DF],
proto: TCP (6), length: 40) lpq-client.1023 > print-serv.printer: .,
cksum 0xd6c8 (correct), 1:1(0) ack 1 win 24820
0x0000: 4500 0028 d210 4000 3f06 36b6 8071 1985 E..(..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e56 ff9d 7f96 4181 .q......~V....A.
0x0020: 5010 60f4 d6c8 0000 5555 5555 5555 P.`.....UUUUUU
21:23:32.175935 IP (tos 0x0, ttl 63, id 53777, offset 0, flags [DF],
proto: TCP (6), length: 49) lpq-client.1023 > print-serv.printer: P,
cksum 0xc80d (correct), 1:10(9) ack 1 win 24820
0x0000: 4500 0031 d211 4000 3f06 36ac 8071 1985 E..1..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e56 ff9d 7f96 4181 .q......~V....A.
0x0020: 5018 60f4 c80d 0000 0370 6269 6c6c 3264 P.`......bill
0x0030: 0a .
21:23:32.204946 IP (tos 0x0, ttl 64, id 4526, offset 0, flags [DF],
proto: TCP (6), length: 118) print-serv.printer > lpq-client.1023: P,
cksum 0x5bcb (correct), 1:79(78) ack 10 win 65535
0x0000: 4500 0076 11ae 4000 4006 f5ca 8071 18a2 E..v..@.@....q..
0x0010: 8071 1985 0203 03ff 7f96 4181 7e56 ffa6 .q........A.~V..
0x0020: 5018 ffff 5bcb 0000 5761 726e 696e 673a P...[...Warning:
0x0030: 2070 6269 6c6c 3264 2069 7320 646f 776e .bill.is.down
0x0040: 3a20 5468 6973 2071 7565 7565 2069 7320 :.This.queue.is.
0x0050: 666f 7220 4761 7261 6e63 6520 7465 7374 for.Garance.test
0x0060: 696e 672e 2073 742f 3678 0a6e 6f20 656e ing..st/6x.no.en
0x0070: 7472 6965 730a tries.
21:23:32.204988 IP (tos 0x0, ttl 64, id 4527, offset 0, flags [DF],
proto: TCP (6), length: 40) print-serv.printer > lpq-client.1023: F,
cksum 0x3765 (correct), 79:79(0) ack 10 win 65535
0x0000: 4500 0028 11af 4000 4006 f617 8071 18a2 E..(..@.@....q..
0x0010: 8071 1985 0203 03ff 7f96 41cf 7e56 ffa6 .q........A.~V..
0x0020: 5011 ffff 3765 0000 P...7e..
21:23:32.205701 IP (tos 0x0, ttl 63, id 53778, offset 0, flags [DF],
proto: TCP (6), length: 40) lpq-client.1023 > print-serv.printer: .,
cksum 0xd671 (correct), 10:10(0) ack 79 win 24820
0x0000: 4500 0028 d212 4000 3f06 36b4 8071 1985 E..(..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e56 ffa6 7f96 41cf .q......~V....A.
0x0020: 5010 60f4 d671 0000 5555 5555 5555 P.`..q..UUUUUU
21:23:32.205755 IP (tos 0x0, ttl 63, id 53779, offset 0, flags [DF],
proto: TCP (6), length: 40) lpq-client.1023 > print-serv.printer: .,
cksum 0xd670 (correct), 10:10(0) ack 80 win 24820
0x0000: 4500 0028 d213 4000 3f06 36b3 8071 1985 E..(..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e56 ffa6 7f96 41d0 .q......~V....A.
0x0020: 5010 60f4 d670 0000 5555 5555 5555 P.`..p..UUUUUU
21:23:32.206880 IP (tos 0x0, ttl 63, id 53780, offset 0, flags [DF],
proto: TCP (6), length: 40) lpq-client.1023 > print-serv.printer: F,
cksum 0xd66f (correct), 10:10(0) ack 80 win 24820
0x0000: 4500 0028 d214 4000 3f06 36b2 8071 1985 E..(..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e56 ffa6 7f96 41d0 .q......~V....A.
0x0020: 5011 60f4 d66f 0000 5555 5555 5555 P.`..o..UUUUUU
21:23:32.206918 IP (tos 0x0, ttl 64, id 4528, offset 0, flags [DF],
proto: TCP (6), length: 40) print-serv.printer > lpq-client.1023: .,
cksum 0x3765 (correct), 80:80(0) ack 11 win 65534
0x0000: 4500 0028 11b0 4000 4006 f616 8071 18a2 E..(..@.@....q..
0x0010: 8071 1985 0203 03ff 7f96 41d0 7e56 ffa7 .q........A.~V..
0x0020: 5010 fffe 3765 0000 P...7e..
21:23:34.252791 IP (tos 0x0, ttl 63, id 53781, offset 0, flags [DF],
proto: TCP (6), length: 48) lpq-client.1023 > print-serv.printer: S,
cksum 0x2329 (correct), 2120304533:2120304533(0) win 24820
<nop,nop,sackOK,mss 1460>
0x0000: 4500 0030 d215 4000 3f06 36a9 8071 1985 E..0..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e61 4795 0000 0000 .q......~aG.....
0x0020: 7002 60f4 2329 0000 0101 0402 0204 05b4 p.`.#)..........
21:23:37.617105 IP (tos 0x0, ttl 63, id 53782, offset 0, flags [DF],
proto: TCP (6), length: 48) lpq-client.1023 > print-serv.printer: S,
cksum 0x2329 (correct), 2120304533:2120304533(0) win 24820
<nop,nop,sackOK,mss 1460>
0x0000: 4500 0030 d216 4000 3f06 36a8 8071 1985 E..0..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e61 4795 0000 0000 .q......~aG.....
0x0020: 7002 60f4 2329 0000 0101 0402 0204 05b4 p.`.#)..........
21:23:44.367128 IP (tos 0x0, ttl 63, id 53783, offset 0, flags [DF],
proto: TCP (6), length: 48) lpq-client.1023 > print-serv.printer: S,
cksum 0x2329 (correct), 2120304533:2120304533(0) win 24820
<nop,nop,sackOK,mss 1460>
0x0000: 4500 0030 d217 4000 3f06 36a7 8071 1985 E..0..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e61 4795 0000 0000 .q......~aG.....
0x0020: 7002 60f4 2329 0000 0101 0402 0204 05b4 p.`.#)..........
21:23:57.867184 IP (tos 0x0, ttl 63, id 53784, offset 0, flags [DF],
proto: TCP (6), length: 48) lpq-client.1023 > print-serv.printer: S,
cksum 0x2329 (correct), 2120304533:2120304533(0) win 24820
<nop,nop,sackOK,mss 1460>
0x0000: 4500 0030 d218 4000 3f06 36a6 8071 1985 E..0..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e61 4795 0000 0000 .q......~aG.....
0x0020: 7002 60f4 2329 0000 0101 0402 0204 05b4 p.`.#)..........
21:24:24.867224 IP (tos 0x0, ttl 63, id 53785, offset 0, flags [DF],
proto: TCP (6), length: 48) lpq-client.1023 > print-serv.printer: S,
cksum 0x2329 (correct), 2120304533:2120304533(0) win 24820
<nop,nop,sackOK,mss 1460>
0x0000: 4500 0030 d219 4000 3f06 36a5 8071 1985 E..0..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e61 4795 0000 0000 .q......~aG.....
0x0020: 7002 60f4 2329 0000 0101 0402 0204 05b4 p.`.#)..........
21:25:18.867322 IP (tos 0x0, ttl 63, id 53786, offset 0, flags [DF],
proto: TCP (6), length: 48) lpq-client.1023 > print-serv.printer: S,
cksum 0x2329 (correct), 2120304533:2120304533(0) win 24820
<nop,nop,sackOK,mss 1460>
0x0000: 4500 0030 d21a 4000 3f06 36a4 8071 1985 E..0..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e61 4795 0000 0000 .q......~aG.....
0x0020: 7002 60f4 2329 0000 0101 0402 0204 05b4 p.`.#)..........
21:25:18.867426 IP (tos 0x0, ttl 64, id 4531, offset 0, flags [DF],
proto: TCP (6), length: 48) print-serv.printer > lpq-client.1023: S,
cksum 0x4f45 (correct), 933494308:933494308(0) ack 2120304534 win
65535 <mss 1460,sackOK,eol>
0x0000: 4500 0030 11b3 4000 4006 f60b 8071 18a2 E..0..@.@....q..
0x0010: 8071 1985 0203 03ff 37a3 fe24 7e61 4796 .q......7..$~aG.
0x0020: 7012 ffff 4f45 0000 0204 05b4 0402 0000 p...OE..........
21:25:18.868017 IP (tos 0x0, ttl 63, id 53787, offset 0, flags [DF],
proto: TCP (6), length: 40) lpq-client.1023 > print-serv.printer: .,
cksum 0x1a14 (correct), 1:1(0) ack 1 win 24820
0x0000: 4500 0028 d21b 4000 3f06 36ab 8071 1985 E..(..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e61 4796 37a3 fe25 .q......~aG.7..%
0x0020: 5010 60f4 1a14 0000 5555 5555 5555 P.`.....UUUUUU
21:25:18.868252 IP (tos 0x0, ttl 63, id 53788, offset 0, flags [DF],
proto: TCP (6), length: 49) lpq-client.1023 > print-serv.printer: P,
cksum 0x0b59 (correct), 1:10(9) ack 1 win 24820
0x0000: 4500 0031 d21c 4000 3f06 36a1 8071 1985 E..1..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e61 4796 37a3 fe25 .q......~aG.7..%
0x0020: 5018 60f4 0b59 0000 0370 6269 6c6c 3264 P.`..Y...bill
0x0030: 0a .
21:25:18.897042 IP (tos 0x0, ttl 64, id 4569, offset 0, flags [DF],
proto: TCP (6), length: 118) print-serv.printer > lpq-client.1023: P,
cksum 0x9f16 (correct), 1:79(78) ack 10 win 65535
0x0000: 4500 0076 11d9 4000 4006 f59f 8071 18a2 E..v..@.@....q..
0x0010: 8071 1985 0203 03ff 37a3 fe25 7e61 479f .q......7..%~aG.
0x0020: 5018 ffff 9f16 0000 5761 726e 696e 673a P.......Warning:
0x0030: 2070 6269 6c6c 3264 2069 7320 646f 776e .bill.is.down
0x0040: 3a20 5468 6973 2071 7565 7565 2069 7320 :.This.queue.is.
0x0050: 666f 7220 4761 7261 6e63 6520 7465 7374 for.Garance.test
0x0060: 696e 672e 2073 742f 3678 0a6e 6f20 656e ing..st/6x.no.en
0x0070: 7472 6965 730a tries.
21:25:18.897085 IP (tos 0x0, ttl 64, id 4570, offset 0, flags [DF],
proto: TCP (6), length: 40) print-serv.printer > lpq-client.1023: F,
cksum 0x7ab0 (correct), 79:79(0) ack 10 win 65535
0x0000: 4500 0028 11da 4000 4006 f5ec 8071 18a2 E..(..@.@....q..
0x0010: 8071 1985 0203 03ff 37a3 fe73 7e61 479f .q......7..s~aG.
0x0020: 5011 ffff 7ab0 0000 P...z...
21:25:18.897800 IP (tos 0x0, ttl 63, id 53789, offset 0, flags [DF],
proto: TCP (6), length: 40) lpq-client.1023 > print-serv.printer: .,
cksum 0x19bd (correct), 10:10(0) ack 79 win 24820
0x0000: 4500 0028 d21d 4000 3f06 36a9 8071 1985 E..(..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e61 479f 37a3 fe73 .q......~aG.7..s
0x0020: 5010 60f4 19bd 0000 5555 5555 5555 P.`.....UUUUUU
21:25:18.897853 IP (tos 0x0, ttl 63, id 53790, offset 0, flags [DF],
proto: TCP (6), length: 40) lpq-client.1023 > print-serv.printer: .,
cksum 0x19bc (correct), 10:10(0) ack 80 win 24820
0x0000: 4500 0028 d21e 4000 3f06 36a8 8071 1985 E..(..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e61 479f 37a3 fe74 .q......~aG.7..t
0x0020: 5010 60f4 19bc 0000 5555 5555 5555 P.`.....UUUUUU
21:25:18.899111 IP (tos 0x0, ttl 63, id 53791, offset 0, flags [DF],
proto: TCP (6), length: 40) lpq-client.1023 > print-serv.printer: F,
cksum 0x19bb (correct), 10:10(0) ack 80 win 24820
0x0000: 4500 0028 d21f 4000 3f06 36a7 8071 1985 E..(..@.?.6..q..
0x0010: 8071 18a2 03ff 0203 7e61 479f 37a3 fe74 .q......~aG.7..t
0x0020: 5011 60f4 19bb 0000 5555 5555 5555 P.`.....UUUUUU
21:25:18.899149 IP (tos 0x0, ttl 64, id 4571, offset 0, flags [DF],
proto: TCP (6), length: 40) print-serv.printer > lpq-client.1023: .,
cksum 0x7ab0 (correct), 80:80(0) ack 11 win 65534
0x0000: 4500 0028 11db 4000 4006 f5eb 8071 18a2 E..(..@.@....q..
0x0010: 8071 1985 0203 03ff 37a3 fe74 7e61 47a0 .q......7..t~aG.
0x0020: 5010 fffe 7ab0 0000 P...z...
--
Garance Alistair Drosehn = gad@gilead.netel.rpi.edu
Senior Systems Programmer or gad@freebsd.org
Rensselaer Polytechnic Institute or drosih@rpi.edu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?p0623092ac0ef1e9c5970>