Sockets stuck in FIN_WAIT_1
Robert Blayzor
rblayzor.bulk at inoc.net
Fri May 30 09:46:22 UTC 2008
On May 30, 2008, at 4:41 AM, Ian Smith wrote:
> Without debating your stateful alternative - either should work fine
> for
> TCP applications - this allowed inbound icmp packets for types
> 0,3,8,11
> but no outbound icmp at all (assuming your firewall defaults to deny).
Switching the ipfw rules over to be stateful did not help, the server
just wasn't busy enough. Overnight the FIN_WAIT_1's continued to pile
up to over 600... and I'm sure they'll just keep going up until I have
to reboot the box again. However Tod's suggestion to use a small sh
script and tcpdrop seems to at least put a band-aid on things, so I
don't have to reboot now.
--
Robert Blayzor, BOFH
INOC, LLC
rblayzor at inoc.net
http://www.inoc.net/~rblayzor/
More information about the freebsd-stable
mailing list