Lots of weird PF behavior on 7.2-STABLE
Helmut Schneider
jumper99 at gmx.de
Fri Dec 18 11:51:10 UTC 2009
Linda Messerschmidt wrote:
> 1) TCP connections (mainly port 80) sometimes take 3 seconds to get
> started instead of being virtually instant.
> 2) Sometimes HTTP connections just stop responding. (Client program
> times out waiting for response.)
> 3) Sometimes connections get weirdly dropped ("Connection reset by
> peer.") 4) Sometimes if I am ssh'd through the firewall, something
> will happen and my inbound packets will start getting dropped, but
> outbound packets still pass. For example, if I'm at the shell
> prompt, it is non-responsive. But if I log alongside a stuck
> connection and "write" to that tty, I will see it no problem.
> 5) States that have no right to still be there continue to pile up
> into the hundreds of thousands.
If no suggestion helped so far try to scrub the mss to a smaller value
like 1400 or even lower.
Helmut
More information about the freebsd-pf
mailing list