PF, SSH closed by remote host
Daniel Hartmeier
daniel at benzedrine.cx
Thu Aug 4 17:53:03 GMT 2005
On Thu, Aug 04, 2005 at 06:48:23PM +0100, Rod wrote:
> Have tried lists,google and multiple different variations of the above
> pf.conf but it's still happening. Any suggests?
Enable debug logging in pf (pfctl -xm), make sure all blocked packets
are logged and pflogd is running. Print the current counters values
(pfctl -si). Then reproduce the connection reset. Afterwards:
- check /var/log/messages for any messages from pf
- check pflog for any logged packets
- print the counters again (pfctl -si) and check if any of them
have increased
It might be neccessary to tcpdump one entire ssh connection (from
establishment to the point where its reset) to fully analyze the
problem, but maybe the simpler steps above will already give a hint.
Daniel
More information about the freebsd-pf
mailing list