Date: Fri, 15 Aug 2008 10:30:46 -0700 From: Jeremy Chadwick <koitsu@FreeBSD.org> To: Alexandre Biancalana <biancalana@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: why BAD state messages Message-ID: <20080815173046.GA99454@eos.sc1.parodius.com> In-Reply-To: <8e10486b0808150926m7e25bcedw34b24c2e7707e445@mail.gmail.com> References: <8e10486b0808150708g200727b8sc2f4993eee9f5248@mail.gmail.com> <200808151658.15440.max@love2party.net> <8e10486b0808150926m7e25bcedw34b24c2e7707e445@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Aug 15, 2008 at 01:26:31PM -0300, Alexandre Biancalana wrote: > Looking the logs I made some math on each state > > 9:9 6174 times > 4:4 3283 times > 4:9 2611 times > 10:10 1382 times > 2:0 878 times > 9:4 520 times pfctl -s info will show a total counter for this (and some other oddities, but the majority are probably for what Max has described above), called state-mismatch. > How can I give a larger range for outgoing conections if the clients > connect directly to the servers ? In this case I don't have any rdr > rule. Clients connecting ***to*** the FreeBSD server would be considered an incoming connection, not an outgoing one. -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080815173046.GA99454>