[Bug 214630] netstat displays spurious count for connections in LAST_ACK state inside jail with VIMAGE kernel

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Wed Nov 23 10:59:32 UTC 2016


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214630

--- Comment #5 from tony181116 at outlook.com ---
Created attachment 177326
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=177326&action=edit
Showing duplicate fin packets


On further investigation I have noticed duplicate FIN packets being created,
although due to the set up of the machine this may or may not be helpful as the
packets are manipulated by:

1) ipfw to send them to
2) a divert socket which is used to add a GTP header to the packet.
3) back into the firewall for final dispatch to gateway.

Although it did occur to me if these additional fin packets are being counted
before the UDP header is added, then it would be possible to end up with a
negative number of connections in some TCP states.

-- 
You are receiving this mail because:
You are on the CC list for the bug.


More information about the freebsd-amd64 mailing list