Date: Sat, 9 Feb 2002 09:27:11 -0800 From: Ben Lovett <blovett@bsdguru.com> To: stable@freebsd.org Subject: Re: IPF dropping packets randomly Message-ID: <20020209092711.A64355@bsdguru.com> In-Reply-To: <20020209092201.A64202@bsdguru.com>; from blovett@bsdguru.com on Sat, Feb 09, 2002 at 09:22:01AM -0800 References: <20020208100752.A13206@bsdguru.com> <3C64B5D9.1060306@rshb.com.ru> <20020209092201.A64202@bsdguru.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I believe Ben Lovett (blovett@bsdguru.com) scribbled this:
<snip>
> After doing some more looking around, I discovered that my state table
> was full at those points in time. I also find it peculiar that
> connections to, for example, a IRC server after being closed are set to
> a TTL of 1 minute, while SSH sessions disappear from the state listing
> entirely, only to time out 2 hours later (or so it appears). Once a
^^^ - dealing with this
Well, I guess I've just been blind or something, because I just saw a
SSH connection time out after a few minutes of being done with it. I
retract that statement.
But, does anyone have any insight as to why it disappears from view
until ipmon reports that it has been closed? (I can't see it in the
ipfstat -t output)
> connection is closed, how does IPF determine how long to leave an entry
> in the state table for? Is it based on the TTL of a packet finalizing
> the close of the connection?
Thanks,
--
Ben Lovett <blovett@bsdguru.com>
--------------------------------------------------------------------------
If you can't learn to do it well, learn to enjoy doing it badly.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020209092711.A64355>