PF in FreeBSD 10.0 Blocking Some SSH
Robert Simmons
rsimmons0 at gmail.com
Tue Jan 28 03:26:17 UTC 2014
On Mon, Jan 27, 2014 at 4:06 PM, Jason Hellenthal
<jhellenthal at dataix.net> wrote:
>
> I've seen similar things happen on SSH, that were due to a combination of
> "scrub"ing and states expiring. Turning off scrub rules on SSH specifically
> cured the scenario for me but I don't see an indication of whether or not
> you are using that.
I am not using any scrubbing rules.
> You could also verify the states dropping by changing the optimization to
> conservative.
The problem does not seem to be happening today, so I will try this
when it happens again:
set optimization conservative
However, the problem does not interrupt my ssh session with the
server, so I don't think that its dropping an idle connection. It
looks just to be blocking some packets involved with a connection.
More information about the freebsd-pf
mailing list