Date: Tue, 5 Jul 2005 14:59:47 -0400 From: R A <bsdboxes@gmail.com> To: freebsd-pf@freebsd.org Subject: Bad State question Message-ID: <60bf53d705070511595889365@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
I've read through some of the pf.c, in order to attempt to figure out what the state failure | 5 was, since it wasn't a really helpfull number, and the C code means very little to me, I'm still at a loss. At the end of this email, I do state what I hope to find out, or what I am asking for. First, the output from PF, complaining: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D Jul 5 14:52:54 www1 kernel: pf: BAD state: TCP dest_host Jul 5 14:52:54 www1 kernel: :443 dest_host:443 src_host:60855 [lo=3D2680241336 high=3D2680307943 win=3D33304 modulator=3D0 wscale=3D1] [lo=3D3834753739 high=3D3834820347 win=3D33304 modulator=3D0 wscale=3D1] 9:= 9 S seq=3D2686921612 ack=3D3834753739 len=3D0 ackskew=3D0 pkts=3D9:8 dir=3Din,f= wd Jul 5 14:52:54 www1 kernel: pf: State failure on: 1 | 5 =20 Jul 5 14:52:57 www1 kernel: pf: BAD state: TCP dest_host:443 dest_host:443 src_host:60855 [lo=3D2680241336 high=3D2680307943 win=3D33304 modulator=3D0 wscale=3D1] [lo=3D38 Jul 5 14:52:57 www1 kernel: 34753739 high=3D3834820347 win=3D33304 modulator=3D0 wscale=3D1] 9:9 S seq=3D2686921612 ack=3D3834753739 len=3D0 ackskew=3D0 pkts=3D9:8 dir=3Din,fwd Jul 5 14:52:57 www1 kernel: pf: State failure on: 1 | 5 =20 Jul 5 14:52:58 www1 kernel: pf: BAD state: TCP dest_host:443 dest_host:443 src_host:64766 [lo=3D3295466676 high=3D3295533283 win=3D33304 modulator=3D0 wscale=3D1] [lo=3D2237679877 high=3D2237746485 win=3D33304 modulator=3D0 wscale=3D1] 9:9 S seq=3D3303296462 ack=3D2237679877 len=3D0 ackskew=3D0 pkts=3D9:9 dir=3Din,fwd Jul 5 14:52:58 www1 kernel: pf: State failure on: 1 | 5 =20 Jul 5 14:53:00 www1 kernel: pf: BAD state: TCP dest_host:443 dest_host:443 src_host:60855 [lo=3D2680241336 high=3D2680307943 win=3D33304 modulator=3D0 wscale=3D1] [lo=3D3834753739 high=3D3834820347 win=3D33304 modulator=3D0 wscale=3D1] 9:9 S seq=3D2686921612 ack=3D3834753739 len=3D0 ackskew=3D0 pkts=3D9:8 dir=3Din,fwd Jul 5 14:53:00 www1 kernel: pf: State failure on: 1 | 5 =20 Jul 5 14:53:00 www1 kernel: pf: BAD state: TCP dest_host:443 dest_host:443 src_host:64766 [lo=3D3295466676 high=3D3295533283 win=3D33304 modulator=3D0 wscale=3D1 Jul 5 14:53:01 www1 kernel: ] [lo=3D2237679877 high=3D2237746485 win=3D33304 modulator=3D0 wscale=3D1] 9:9 S seq=3D3303296462 ack=3D22376798= 77 len=3D0 ackskew=3D0 pkts=3D9:9 dir=3Din,fwd Jul 5 14:53:01 www1 kernel: pf: State failure on: 1 | 5=20 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D I noticed that if I hit my webserver up with about 30 threads from a python load script, simply retrieving a web page through https, with a password, and a database call on the php page it hits, threads were 'hanging'. When I looked closer, I found that the connections were hanging, not the threads. So I disabled PF, the connections got dropped (otherwise they time out), and the python threads resumed their pace at downloading. 30 threads generates around 500kilobytes per second in traffic from the dest host returning http data without PF on. So when I managed to get the PF to report the errors, I read many help topics that people have asked about, but none seemed to pertain exactly to me. The host doing the requesting is on the same subnet as the destination, shouldn't have any routers to go through. The requesting machine is 5.3 bsd, and the host with the PF problem is running 5.4-p3. Could someone please help point out the error, I know that some sequence numbers don't match, but since PF is complaining, and taking PF out seems to not generate any timeouts, I'm curious if I can turn this type of watching off. Or, at least understand where my packets are going south :) Being as it's my first post, please be gentle, and I will attempt to respond with whatever information is needed. Thanks
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?60bf53d705070511595889365>