[pf4freebsd] Re: nfsd send error 1 probably caused by pf ?
Daniel Hartmeier
daniel at benzedrine.cx
Wed Sep 15 20:56:34 PDT 2004
On Fri, Nov 14, 2003 at 06:24:24PM +0900, Pyun YongHyeon wrote:
> It seems that your problem is reproducable on my SMP machine.
> I used a single rule 'pass out on xl0 keep state'.
> However, I can't see 'nfsd send error' message. nfs client
> works well even though pf still outputs 'BAD state' message.
Are you running nfsd on the pf machine? If pf is blocking outgoing
packets due to state mismatches (BAD state messages), and the process
trying to send the blocked packets is running on the pf box, it gets a
an error code from the stack. If nfsd is reporting those errors, that
would imply you'd have to run nfsd on the pf box (not the nfs client).
If the theory is correct up to this point, that is ;)
Daniel
More information about the freebsd-pf
mailing list