a very strange netstat output and problem when using transparent
proxy
Marat N.Afanasyev
amarat at ksu.ru
Mon Nov 6 21:08:43 UTC 2006
Hello!
I've encountered a very strange situation about two hours ago. I use
squid as transparent proxy and forward all the packets from port 80 to
port 8000. Problem is, first of all, I have a lot of ierrs on interface
when looking to interface stats using netstat. The second problem is far
more serious: after a short period of time I have a completely frozen
system that can only send data, but very rarely receive and generates a
huge amount of ierrs on interface.
ipfw rules are as follows:
00001 allow ip from any to any via lo0
00002 deny ip from any to 127.0.0.0/8
00003 deny ip from 127.0.0.0/8 to any
00010 fwd xx.xx.xx.xx,8000 tcp from any to me dst-port 80
65535 allow ip from any to any
problem with ierrs disappears after I delete rule with forward, but I
need this rule :(
--
SY, Marat
More information about the freebsd-net
mailing list