[pf4freebsd] Re: nfsd send error 1 probably caused by pf ?
Pyun YongHyeon
yongari at kt-is.co.kr
Wed Sep 15 20:56:44 PDT 2004
On Fri, Nov 14, 2003 at 10:33:17AM +0100, Daniel Hartmeier wrote:
> On Fri, Nov 14, 2003 at 06:24:24PM +0900, Pyun YongHyeon wrote:
>
> > It seems that your problem is reproducable on my SMP machine.
> > I used a single rule 'pass out on xl0 keep state'.
> > However, I can't see 'nfsd send error' message. nfs client
> > works well even though pf still outputs 'BAD state' message.
>
> Are you running nfsd on the pf machine? If pf is blocking outgoing
Yes.
> packets due to state mismatches (BAD state messages), and the process
> trying to send the blocked packets is running on the pf box, it gets a
> an error code from the stack. If nfsd is reporting those errors, that
> would imply you'd have to run nfsd on the pf box (not the nfs client).
> If the theory is correct up to this point, that is ;)
>
Yes. Florian C. Smeets reported a error message "nfsd send error 1"
error code 1 is EPERM and this might come from pf's blocking.
At present, I think, actual cause may be in somewhere in H/W
checksum offload routine in FreeBSD pf. I need more investigation.
Thanks for your comment.
> Daniel
>
Regards,
Pyun YongHyeon
--
Pyun YongHyeon <http://www.kr.freebsd.org/~yongari>
More information about the freebsd-pf
mailing list