From owner-freebsd-questions@FreeBSD.ORG Sun Jun 24 14:29:03 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6D67116A400 for ; Sun, 24 Jun 2007 14:29:03 +0000 (UTC) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: from mail1.sea5.speakeasy.net (mail1.sea5.speakeasy.net [69.17.117.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4594F13C468 for ; Sun, 24 Jun 2007 14:29:03 +0000 (UTC) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: (qmail 28165 invoked from network); 24 Jun 2007 14:29:02 -0000 Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org) ([66.92.78.145]) (envelope-sender ) by mail1.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 24 Jun 2007 14:29:02 -0000 Received: from Lowell-Desk.lan (Lowell-Desk.lan [172.30.250.6]) by be-well.ilk.org (Postfix) with ESMTP id 8F6622843A; Sun, 24 Jun 2007 10:28:58 -0400 (EDT) Received: by Lowell-Desk.lan (Postfix, from userid 1147) id 0B6FC1CC45; Sun, 24 Jun 2007 10:28:57 -0400 (EDT) To: ExTaZyTi References: <468d29450706210715m31c112acs1936dabf1b287d82@mail.gmail.com> <44hcp0dqe8.fsf@be-well.ilk.org> <468d29450706221101w6572c8c1h6f8b5a30c9331437@mail.gmail.com> From: Lowell Gilbert Date: Sun, 24 Jun 2007 10:28:57 -0400 In-Reply-To: <468d29450706221101w6572c8c1h6f8b5a30c9331437@mail.gmail.com> (extazyti@gmail.com's message of "Fri\, 22 Jun 2007 21\:01\:21 +0300") Message-ID: <44fy4hh1ee.fsf@Lowell-Desk.lan> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.99 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: freebsd-questions@freebsd.org Subject: Re: Network Problem in FreeBSD 6.2-RELEASE-p5 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-questions@freebsd.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Jun 2007 14:29:03 -0000 Please don't top-post. ExTaZyTi writes: > Is the FreeBSD machine performing NAT for the Windows box? > extazyti: yes with PF firewall. (But I don't have this problem before > re-build my world+kernel (my last fbsd was fbsd6.2-STABLE. But this problem > exist again in fbsd6.2-STABLE when I have build option ot drop TCP+SYN and > have some bug..I donk know what exactly)) > > Are you saying that this is a second problem? > extazyti: YES. because I think limmiting my connectins is normal when I have > "net.inet.tcp.blackhole=2" but Now I haven't this sysctl option and this is > problem again. > > How are you doing the scan, and how do you know the ports are not > really open? > extazyti: I use PortScan with a delay MS - 20 (He sends TCP4-sockets) and > ports It's not really open because there is no program to open random ports > with this values and I use the netstat command. Aslo this problem was again > before time when I have bugged again my kernel with TCP_DROP SYN+FIN in my > kernel. netstat isn't the best way to figure this out. It can be confusing. Try sockstat(1). > Which sysctl? > extazyti: ALL, I put "#" before all texts in my sysctl.conf and reboot my > system. Check them after the reboot, using the sysctl(8) command and the particular sysctl. > Are you sure that the sysctl value changed? > extazyti: I think yes..after restart and I changed special > net.inet.tcp.blackhole to "0". So check it: $ sysctl net.inet.tcp.blackhole net.inet.tcp.blackhole: 0 $ > Did you look at it after changing it to make sure it really shows up > as different? > extazyti: No. But I think reboot changes to default this options when have > "#" before all texts in /etc/sysctl.conf If nothing else affects it, yes. But check to be sure. > 2007/6/22, Lowell Gilbert : >> >> [lists trimmed to just -questions] >> >> ExTaZyTi writes: >> >> > I have a serious problem with my network. >> > I have connected 2 PC's, 1 - FreeBSD, 2 - Windows XP. >> > >> > The problem is follow - My FreeBSD limmiting connections , I cannot open >> > more 224 TCP4-Sockets in my Windows Box. >> > When I downloading torrent file, I cannot create more connections to the >> > web, and while this time I can't open for example - web sites. >> >> Is the FreeBSD machine performing NAT for the Windows box? >> >> > Tow problem who worry myself is when I scan a my freebsd box or other >> > "server" for open ports its FAKE show me: 81 82 ,83 ,465,463 and other >> ports >> > open.. but It's FAKE .. it's not really open.. >> >> Are you saying that this is a second problem? >> >> How are you doing the scan, and how do you know the ports are not >> really open? >> >> > I Cleared my sysctl, and test, cleared my firewall and test, re-build my >> > kernel with any options changed and test again.. Just don't Work :(( >> >> Which sysctl? >> >> > I have use PF firewall and FreeBSD 6.2-RELEASE-p5. >> > >> > I Think this problem is from "net.inet.tcp.blackhole=2" in my sysctl >> because >> > it's work before i do sysctl -w net.inet.tcp.blackhole=2.. >> > but when back this option to value = 0 this problem is stay there.. and >> no >> > restarts or re-build my kernel can fix this..or maybe be wrong to >> > this supposition. Sorry for my english. >> >> Are you sure that the sysctl value changed? >> Did you look at it after changing it to make sure it really shows up >> as different? >> > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/