Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 05 Sep 2001 09:22:26 -0400
From:      Mike Tancsa <mike@sentex.net>
To:        "David W. Chapman Jr." <dwcjr@inethouston.net>
Cc:        <stable@FreeBSD.ORG>
Subject:   Re: ipnat bug
Message-ID:  <5.1.0.14.0.20010905092122.05c42b40@marble.sentex.ca>
In-Reply-To: <001d01c1360a$e0d4cd60$fe0c4042@inethouston.net>
References:  <006a01c13586$0ccc7420$fe0c4042@inethouston.net> <5.1.0.14.0.20010905012036.03516e80@192.168.0.12> <20010905014634.B70986@bluenugget.net>
next in thread | previous in thread | raw e-mail | index | archive | help 

Those look quite normal.  What about netstat -m ?

         ---Mike

At 08:01 AM 9/5/01 -0500, David W. Chapman Jr. wrote:
> > what does
> > sysctl -a | grep ipf
> >
> > show ?
> >
>
> > Could we also see an ipfstat -s?
>
>
>Sure, of course I have to wait an undefined amount of time again for it to
>break again, but here is the info while its working incase there is
>something wrong with it
>
>$ sysctl -a | grep net.inet.ipf
>net.inet.ipf.fr_flags: 0
>net.inet.ipf.fr_pass: 514
>net.inet.ipf.fr_active: 0
>net.inet.ipf.fr_tcpidletimeout: 864000
>net.inet.ipf.fr_tcpclosewait: 480
>net.inet.ipf.fr_tcplastack: 480
>net.inet.ipf.fr_tcptimeout: 480
>net.inet.ipf.fr_tcpclosed: 120
>net.inet.ipf.fr_tcphalfclosed: 14400
>net.inet.ipf.fr_udptimeout: 240
>net.inet.ipf.fr_icmptimeout: 120
>net.inet.ipf.fr_defnatage: 1200
>net.inet.ipf.fr_ipfrttl: 120
>net.inet.ipf.ipl_unreach: 13
>net.inet.ipf.fr_running: 1
>net.inet.ipf.fr_authsize: 32
>net.inet.ipf.fr_authused: 0
>net.inet.ipf.fr_defaultauthage: 600
>net.inet.ipf.fr_chksrc: 0
>net.inet.ipf.ippr_ftp_pasvonly: 0
>net.inet.ipf.fr_minttl: 3
>net.inet.ipf.fr_minttllog: 1
>
>ifirewall# ipnat -s
>mapped  in      1157347 out     1047303
>added   75003   expired 74535
>no memory       0       bad nat 2797
>inuse   13
>rules   12
>wilds   0
>firewall# ipfstat -s
>IP states added:
>         510 TCP
>         0 UDP
>         0 ICMP
>         229216 hits
>         58739739 misses
>         0 maximum
>         0 no memory
>         0 bkts in use
>         0 active
>         0 expired
>         510 closed
>firewall#
>
>
>
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-stable" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20010905092122.05c42b40>