kern/73202: IPF causing major tcp problems with 3rd party apps (apache, exim etc)

[Kris Kennaway]

The following reply was made to PR kern/73202; it has been noted by GNATS.

From: Kris Kennaway <kris at obsecurity.org>
To: David Haworth <dave at zinc.org.uk>
Cc: FreeBSD-gnats-submit at FreeBSD.org
Subject: Re: kern/73202: IPF causing major tcp problems with 3rd party apps (apache, exim etc)
Date: Wed, 27 Oct 2004 10:38:06 -0700

 On Wed, Oct 27, 2004 at 04:23:14PM +0100, David Haworth wrote:
 
 > I eventually determined it to be a network issue. using tethereal, I
 > could see a http connection come in, the three way handshake would
 > be completed (syn, synack, ack) and then the server would simply
 > stop responding. the client would keep retrying until it gave
 > up. the server process was obviously getting the request (ie the
 > apache logging and the exim process spawning) but could not reply
 > for some reason.
 
 First guess would be that your ipf ruleset was wrong.  Can you please
 include it for verification?
 
 Kris