Problem with closing tcp session between cisco and freebsd

Gleb Smirnoff glebius at cell.sick.ru
Tue Mar 16 04:34:29 PST 2004


On Tue, Mar 16, 2004 at 03:18:32PM +0300, Zherdev Anatoly wrote:
Z> > > So no obvious suspect.  Before digging deep into the code it's better
Z> > > to have some more surrounding information.
Z> > 
Z> > Another question: any packet filters in between ?
Z> 
Z> Yes, I have IPFW1 on these servers (it was the same problem on two servers at one time and one Cisco).
Z> But in IPFW I have ACCEPT by default and only these deny rules:
Z> 
Z> 00200 deny ip from any to 127.0.0.0/8
Z> 00300 deny ip from 127.0.0.0/8 to any
Z> 00400 deny log logamount 100 tcp from any to any 135-139,445,593
Z> 00500 deny log logamount 100 udp from any to any 135-139,445
Z> 01100 deny tcp from any to any 22 in recv fxp1
Z> 01600 reset tcp from any to any 113
Z> 
Z> I do an ipfw flush when I see this situation and keep only
Z> 65535 allow ip from any to any
Z> but the problem was not resolved and the TCP session did not end.

Another snap question: 

What is the value of the net.inet.tcp.blackhole sysctl?

-- 
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE


More information about the freebsd-net mailing list