why BAD state messages
Jeremy Chadwick
koitsu at FreeBSD.org
Fri Aug 15 17:30:46 UTC 2008
On Fri, Aug 15, 2008 at 01:26:31PM -0300, Alexandre Biancalana wrote:
> Looking the logs I made some math on each state
>
> 9:9 6174 times
> 4:4 3283 times
> 4:9 2611 times
> 10:10 1382 times
> 2:0 878 times
> 9:4 520 times
pfctl -s info will show a total counter for this (and some other
oddities, but the majority are probably for what Max has described
above), called state-mismatch.
> How can I give a larger range for outgoing conections if the clients
> connect directly to the servers ? In this case I don't have any rdr
> rule.
Clients connecting ***to*** the FreeBSD server would be considered an
incoming connection, not an outgoing one.
--
| Jeremy Chadwick jdc at parodius.com |
| Parodius Networking http://www.parodius.com/ |
| UNIX Systems Administrator Mountain View, CA, USA |
| Making life hard for others since 1977. PGP: 4BD6C0CB |
More information about the freebsd-pf
mailing list