Fwd: Re: pf: BAD state happens often with portsnap fetch update
Colin Percival
cperciva at freebsd.org
Sat Dec 9 17:28:45 PST 2006
Adam McDougall wrote:
> # portsnap fetch update
> [...]
> Fetching 2688 new ports or files... /usr/sbin/portsnap: cannot open
> 3f115cb168a8e51fd0d19798f005ab7a251a1de6a5b9eda60cd327b60aa48799.gz: No such file or
> directory
> snapshot is corrupt.
>
> 2597 should have been fetched, but there was a stall at 30.. and after about a minute,
> it continued on to 410...... and gave up apparently. For all my servers without
> direct internet access, I have to run portsnap several times until it succeeds.
You have four options:
(a) Lower pf's tcp.closed timeout,
(b) Increase the high port range,
(c) Fix squid so that it groks HTTP/1.1 properly, or
(d) Stop using squid.
The problem here is that your proxy is closing portsnap's HTTP connection after
each file is downloaded.
Colin Percival
More information about the freebsd-current
mailing list