Date: Tue, 9 Mar 2004 18:39:08 +1100 (EST) From: daemon@swiftdsl.com.au To: freebsd-questions@freebsd.org Subject: tcp port sticks in closing state Message-ID: <15351.218.214.54.98.1078817948.squirrel@webmail.swiftdsl.com.au>
next in thread | raw e-mail | index | archive | help
Hi all, I have a strange question that is probably more a tcp thing than FreeBSD, but you all have helped me so much in the past that I thought I'd start here. I am running FreeBSD 5.2.1 at home with postfix-2.0.18,1 from ports. When I send an email from my work (red hat 9, qmail), which is behind a Watchguard Firebox 700 doing NAT and using their "smtp-filter" (i'm the sysadmin at work, so any bad there is all me), to my home address it causes the freebsd machine to sit in the the following state (from a netstat -an | grep 25): tcp4 0 0 192.168.1.2.25 61.XX.X.XX.28709 CLOSING tcp4 0 0 192.168.1.2.25 61.XX.X.XX.28708 CLOSING This ties up the smtp port and any further attempts to connect from anywhere on the net yield: 421 SMTP service not available, closing transmission channel To get this I have to send a bunch of emails (say 4 or more) and the first two always get through. When I send a bunch of emails from any other address (yahoo, etc) this does not happen. I did a tcpdump -i fxp0 and greped for the port of one of these sessions and see: 21:45:18.424512 chinook.myhost.com.smtp > 61.XX.X.XX.28709: F 2504912170:2504912170(0) ack 2923328197 win 65535 (DF) 21:47:26.436486 chinook.myhost.com.smtp > 61.XX.X.XX.28709: F 2504912170:2504912170(0) ack 2923328197 win 65535 (DF) 21:48:30.442449 chinook.myhost.com.smtp > 61.XX.X.XX.28709: R 2504912171:2504912171(0) ack 2923328197 win 65535 (DF) So ... what's going on here? To me it looks as if chinook.myhost.com is trying to ACK back to the server at my work and not getting an answer. >From what I googled the tcp connection takes 5 mins to die in the closing state. But in the meantime my mail server is not able to receive messages. Should it do this? This seems like a "bad thing" and an way of DOSing someone's mail system. Any thoughts? Any better places to post? Thanks in advance, August Simonelli
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15351.218.214.54.98.1078817948.squirrel>