From owner-freebsd-stable  Wed Sep  5  6:28:47 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4])
	by hub.freebsd.org (Postfix) with ESMTP id A4C4037B405
	for <stable@FreeBSD.ORG>; Wed,  5 Sep 2001 06:28:42 -0700 (PDT)
Received: from simoeon.sentex.net (pyroxene.sentex.ca [199.212.134.18])
	by smtp1.sentex.ca (8.11.6/8.11.6) with ESMTP id f85DSeX78608;
	Wed, 5 Sep 2001 09:28:40 -0400 (EDT)
	(envelope-from mike@sentex.net)
Message-Id: <5.1.0.14.0.20010905092122.05c42b40@marble.sentex.ca>
X-Sender: mdtpop@marble.sentex.ca
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Wed, 05 Sep 2001 09:22:26 -0400
To: "David W. Chapman Jr." <dwcjr@inethouston.net>
From: Mike Tancsa <mike@sentex.net>
Subject: Re: ipnat bug
Cc: <stable@FreeBSD.ORG>
In-Reply-To: <001d01c1360a$e0d4cd60$fe0c4042@inethouston.net>
References: <006a01c13586$0ccc7420$fe0c4042@inethouston.net>
 <5.1.0.14.0.20010905012036.03516e80@192.168.0.12>
 <20010905014634.B70986@bluenugget.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG


Those look quite normal.  What about netstat -m ?

         ---Mike

At 08:01 AM 9/5/01 -0500, David W. Chapman Jr. wrote:
> > what does
> > sysctl -a | grep ipf
> >
> > show ?
> >
>
> > Could we also see an ipfstat -s?
>
>
>Sure, of course I have to wait an undefined amount of time again for it to
>break again, but here is the info while its working incase there is
>something wrong with it
>
>$ sysctl -a | grep net.inet.ipf
>net.inet.ipf.fr_flags: 0
>net.inet.ipf.fr_pass: 514
>net.inet.ipf.fr_active: 0
>net.inet.ipf.fr_tcpidletimeout: 864000
>net.inet.ipf.fr_tcpclosewait: 480
>net.inet.ipf.fr_tcplastack: 480
>net.inet.ipf.fr_tcptimeout: 480
>net.inet.ipf.fr_tcpclosed: 120
>net.inet.ipf.fr_tcphalfclosed: 14400
>net.inet.ipf.fr_udptimeout: 240
>net.inet.ipf.fr_icmptimeout: 120
>net.inet.ipf.fr_defnatage: 1200
>net.inet.ipf.fr_ipfrttl: 120
>net.inet.ipf.ipl_unreach: 13
>net.inet.ipf.fr_running: 1
>net.inet.ipf.fr_authsize: 32
>net.inet.ipf.fr_authused: 0
>net.inet.ipf.fr_defaultauthage: 600
>net.inet.ipf.fr_chksrc: 0
>net.inet.ipf.ippr_ftp_pasvonly: 0
>net.inet.ipf.fr_minttl: 3
>net.inet.ipf.fr_minttllog: 1
>
>ifirewall# ipnat -s
>mapped  in      1157347 out     1047303
>added   75003   expired 74535
>no memory       0       bad nat 2797
>inuse   13
>rules   12
>wilds   0
>firewall# ipfstat -s
>IP states added:
>         510 TCP
>         0 UDP
>         0 ICMP
>         229216 hits
>         58739739 misses
>         0 maximum
>         0 no memory
>         0 bkts in use
>         0 active
>         0 expired
>         510 closed
>firewall#
>
>
>
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-stable" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message