firewall stuck

Kevin Oberman kob6558 at gmail.com
Wed Mar 14 06:12:04 UTC 2012


On Tue, Mar 13, 2012 at 7:27 PM, nyoman.bogi at gmail.com
<nyoman.bogi at gmail.com> wrote:
> Dear guru,
>
> Every time I open my firewall to allow SSH connections from the Internet,
> after a few days my firewall always gets stuck. Stuck here means
> that it denies all requests (deny any from any).
> And after I "ipfw disable firewall" and then "ipfw enable firewall"
> everything works fine.
>
> When I checked /var/log/messages I found lots of attempts by
> people trying to connect to my machine.
> Why does my machine get stuck when lots of people try to SSH to my machine?

We need a bit more information, especially your ipfw configuration. Is
it a stateful firewall? It sounds a lot like your state table might
be filling for some reason. Of course, if it is not a stateful
firewall, that idea is probably wrong, though it could be a
misconfiguration of some stateful rule that is inadvertently catching
the SSH attempts.

Have you done an 'ipfw show' to see what rules are being matched? It
may or may not provide a clue.
-- 
R. Kevin Oberman, Network Engineer
E-mail: kob6558 at gmail.com
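
Added example, not part of the original message: one way to test the state-table hypothesis raised above, by tallying ipfw dynamic rules per destination port and comparing the total with a limit such as the value of net.inet.ip.fw.dyn_max. The sample text, the assumed `ipfw -d show` line layout, the function names and the 80% threshold are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: summarise ipfw dynamic (stateful) rules per destination
# port and compare the total with the state-table limit.
# Assumed layout of dynamic lines in `ipfw -d show` output:
#   RULE PKTS BYTES (TTLs) STATE proto SRC SPORT <-> DST DPORT

# Constructed sample input, not output from the poster's machine.
sample_states() {
cat <<'EOF'
00100 0 0 allow ip from any to any via lo0
00200 9 540 allow tcp from any to me dst-port 22 setup keep-state
65535 0 0 deny ip from any to any
## Dynamic rules (4):
00200 3 180 (12s) STATE tcp 198.51.100.7 40112 <-> 192.0.2.1 22
00200 2 120 (9s) STATE tcp 198.51.100.8 51820 <-> 192.0.2.1 22
00200 4 240 (17s) STATE tcp 203.0.113.5 33001 <-> 192.0.2.1 22
00300 8 900 (290s) STATE tcp 192.0.2.1 49152 <-> 203.0.113.9 443
EOF
}

# state_report MAX
# Reads `ipfw -d show` text on stdin and prints one summary line:
#   total=N max=M pct=P top_port=PORT top_count=C status=ok|near-limit
# The 80% "near-limit" threshold is an arbitrary choice for this example.
state_report() {
    awk -v max="$1" '
        # Only dynamic-state lines match; static rules are skipped.
        $5 == "STATE" && $9 == "<->" { total++; port[$NF]++ }
        END {
            top = "-"; topc = 0
            for (p in port) if (port[p] > topc) { top = p; topc = port[p] }
            pct = (max > 0) ? int(total * 100 / max) : 0
            status = (pct >= 80) ? "near-limit" : "ok"
            printf "total=%d max=%d pct=%d top_port=%s top_count=%d status=%s\n",
                   total, max, pct, top, topc, status
        }'
}

# Demo on the constructed sample with an artificially small limit of 4.
sample_states | state_report 4

# On a FreeBSD host with ipfw loaded (as root) the same function can be fed
# live data:
#   ipfw -d show | state_report "$(sysctl -n net.inet.ip.fw.dyn_max)"
```

A total close to the limit with port 22 as the dominant destination would be consistent with the state table filling from SSH connection attempts.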


More information about the freebsd-net mailing list