From owner-freebsd-questions@FreeBSD.ORG  Tue Nov  4 13:11:15 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D47861065678
	for <freebsd-questions@freebsd.org>;
	Tue,  4 Nov 2008 13:11:15 +0000 (UTC)
	(envelope-from joompz@gmail.com)
Received: from po-out-1718.google.com (po-out-1718.google.com [72.14.252.154])
	by mx1.freebsd.org (Postfix) with ESMTP id A3BC98FC28
	for <freebsd-questions@freebsd.org>;
	Tue,  4 Nov 2008 13:11:15 +0000 (UTC)
	(envelope-from joompz@gmail.com)
Received: by po-out-1718.google.com with SMTP id y22so11640179pof.3
	for <freebsd-questions@freebsd.org>;
	Tue, 04 Nov 2008 05:11:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:received:received:message-id:date:from:to
	:subject:in-reply-to:mime-version:content-type:references;
	bh=wBjDFzxoiZz2YodQslAO69d8lLc74g2a6sq0H1sFTjU=;
	b=XQa9oo9XAogy2rC6y8Y7RaSKM5t4LL1ccq+bSXqVw+Ce2obIuU3f+XqUdIsBMJfCsT
	3HMmQzSg7x0JcFxR97r0Z/VAjiV+XuYNP2pXykNelpf/hl151ShdiSLB5EfOVWAePeG6
	QrbpyMJeA+D5Sb0w3hWo9dXqxA7Skj696QB6Q=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=message-id:date:from:to:subject:in-reply-to:mime-version
	:content-type:references;
	b=q/hxqdV3Ivg54sbNBkxYh/4vBKD5wYTLcVs4fNy1spUOpfK9zCRN2BSiRnxG3uv8gC
	OkZlz+d/ByF6/7GVCd4PP0qIwpTQjZOCjLGtuX1ZeSdLtka1EXAV1Met+3EhNQzsQIOb
	xZ4jh5bWuCaZsKyHGFb+Wxo6gq0qdPZDdNDJg=
Received: by 10.141.204.16 with SMTP id g16mr826434rvq.275.1225804275204;
	Tue, 04 Nov 2008 05:11:15 -0800 (PST)
Received: by 10.140.174.19 with HTTP; Tue, 4 Nov 2008 05:11:15 -0800 (PST)
Message-ID: <e56958de0811040511x11598fa0ue0d2a70b04c04bb7@mail.gmail.com>
Date: Tue, 4 Nov 2008 11:11:15 -0200
From: "J MPZ" <joompz@gmail.com>
To: freebsd-questions@freebsd.org
In-Reply-To: <20081104013010.GA34643@icarus.home.lan>
MIME-Version: 1.0
References: <e56958de0811031643s473b499haa3243de1ed7c278@mail.gmail.com>
	<20081104013010.GA34643@icarus.home.lan>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: Re: Problems with FreeBSD
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Nov 2008 13:11:15 -0000

Hi Jeremy,

I tried without none rules on ipfw FreeBSD (just "allow ip from any to any")
and error continues occurring.

How I can disable the TCP extensions?

I tried to set this value on this sysctl (sysctl net.inet.tcp.rfc1323=0) but
not work.



2008/11/3, Jeremy Chadwick <koitsu@freebsd.org>:
>
> On Mon, Nov 03, 2008 at 10:43:52PM -0200, J MPZ wrote:
> > Hi guys,
> >
> > I have some problem with my FreeBSD server. I have this:
> >
> > #########                                    ###########      #########
> > # Linux1  #  -> ASA  -> Internet  -> # FreeBSD  #  -> # Linux2 #
> > #########                                    ###########      #########
> >
> > If I run a ssh for Linux1 to FreeBSD, my connection freeze when the
> return
> > of some command is a big text. Example:
> >
> > I make a ssh connection in the from the Linux1 to FreeBSD server, then, I
> > execute some commands, like: 'pwd', 'whoami', 'ls /'... this work
> perfectly.
> > But, if I run some command that return a big text, like as: 'ls /dev/',
> or
> > top, my connection freeze.
> >
> > In other terminal, the tcpdump continues showing packets in this
> connection
> > that was freeze.
>
> Does the FreeBSD machine run a firewall at all, e.g. pf(4)?
>
> If so, you probably have some rules which are broken.  (I've seen this
> problem on FreeBSD 6.x when using rules which are not correctly
> configured to match initiate state).  Also, if a firewall is in use and
> you're blocking all forms of ICMP, that would impact path MTU discovery.
> Naughty.
>
> You might also try disabling TCP extensions on the FreeBSD box to see if
> it makes any difference.  Note that this can impact performance (large
> TCP window sizes won't be negotiated), but it's worth disabling for a
> test case.
>
> sysctl net.inet.tcp.rfc1323=0
>
> > If I try to access the Linux2, throught FreeBSD (redirect port on natd or
> > redirect port with rinetd), the same thing happens.
> >
> > Is this a problem with FreeBSD? Someone know how I can fix it? Some
> sysctl?
>
> --
> | Jeremy Chadwick                                jdc at parodius.com |
> | Parodius Networking                       http://www.parodius.com/ |
> | UNIX Systems Administrator                  Mountain View, CA, USA |
> | Making life hard for others since 1977.              PGP: 4BD6C0CB |
>
>