problems with tftp-proxy in 11.1?
John Jasen
jjasen at gmail.com
Thu Dec 7 17:02:36 UTC 2017
On Wed, Dec 6, 2017 at 5:01 PM, Kristof Provost <kristof at sigsegv.be> wrote:
> On 6 Dec 2017, at 21:25, John Jasen wrote:
>
> On 12/04/2017 02:47 PM, Kristof Provost wrote:
>
> Okay, so this is interesting:
>
> 25013: ioctl(4,0xc04c4417 { IORW 0x44('D'), 23, 76 },0x7fffffffe5b0) ERR#2
> 'No such file or directory'
>
> The DIOCNATLOOK ioctl() fails with ENOENT, which happens if the state
> can’t be found.
> Of course, I have no idea why that would happen. Does this affect some
> tftp connections or all of them?
>
Some, where the amount seems somewhat random.
Can you post the outputs of pfctl -s memory, pfctl -s info and sudo pfctl
> -s limits?
>
pfctl -s limits is not valid, it appears.
pfctl.info
::::::::::::::
Status: Enabled for 49 days 01:11:53 Debug: Urgent
State Table Total Rate
current entries 23178
searches 1043223404652 246164.4/s
inserts 615337407 145.2/s
removals 615314221 145.2/s
Counters
match 687031846 162.1/s
bad-offset 0 0.0/s
fragment 0 0.0/s
short 0 0.0/s
normalize 0 0.0/s
memory 0 0.0/s
bad-timestamp 0 0.0/s
congestion 0 0.0/s
ip-option 0 0.0/s
proto-cksum 22 0.0/s
state-mismatch 34121 0.0/s
state-insert 59591 0.0/s
state-limit 10870 0.0/s
src-limit 3 0.0/s
synproxy 0 0.0/s
map-failed 0 0.0/s
pfctl.memory
::::::::::::::
states hard limit 15000000
src-nodes hard limit 10000000
frags hard limit 100000
table-entries hard limit 10000000
> Regards,
> Kristof
>
More information about the freebsd-pf
mailing list