very odd PF + FreeBSD6.0 problems

Paul Dokas dokas at oitsec.umn.edu
Fri Dec 16 08:09:19 PST 2005


I recently upgraded to FreeBSD 6.0 via a full reinstall and I've run into a very
strange problem with PF.  First of all, I'm using the same PF ruleset that I
used on 5.4.  I know for a fact that it works correctly there.  What's happening
is that when I turn on PF, I'm able to make outbound connections, but if those
connections go idle for more than 30 seconds, PF starts rejecting inbound packets.
Furthermore, PF _does_ show an ESTABLISHED state in its state table.  With loud
debugging turned on, it's giving me "pf_normalize_tcp_stateful: Timestamp failed  1"
messages.

The attached files show all of the details that I've collected about this.
this.host.umn.edu (A.B.C.D) is the host that I'm having problems with.

The first file shows tcpdump of 'telnet that.host.umn.edu 22' and the PF kernel
messages generated by the loud debugging.  The second file shows the output of
`pfctl -vsa`.


I'd greatly appreciate any help that anyone might have about this problem.

Paul
-- 
Paul Dokas                                     dokas at oitsec.umn.edu
======================================================================
Don Juan Matus:  "an enigma wrapped in mystery wrapped in a tortilla."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pkts_and_dmesg
Type: application/octet-stream
Size: 17214 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20051216/e7cd8710/pkts_and_dmesg.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pfctl_-vsa
Type: application/octet-stream
Size: 9404 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20051216/e7cd8710/pfctl_-vsa.obj
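An added example, not part of the original post or its attachments: the "pf_normalize_tcp_stateful" debug messages come from PF's stateful TCP normalizer, which is only active for states created under a scrub rule carrying the `reassemble tcp` option. A minimal pf.conf skeleton that makes it easy to toggle that option, to check whether the normalizer is what is rejecting the idle connections, follows. The interface name em0, the single service on port 22 and the rule layout are assumptions for illustration, not the poster's ruleset.

```pf
# Added example, not the original poster's ruleset.
# Interface name (em0) and the 22/tcp service are assumptions.
ext_if = "em0"

# Variant A: 'reassemble tcp' turns on stateful TCP normalization
# (TCP timestamp modulation and the per-state timestamp checks that
# log "pf_normalize_tcp_stateful: Timestamp failed ..." under
# 'pfctl -x loud').
scrub in on $ext_if all reassemble tcp

# Variant B: the same scrub rule without 'reassemble tcp'. IP fragment
# reassembly still happens; the stateful TCP timestamp checks do not.
# Swap the two lines and reload to see whether the idle-connection
# rejects and the debug messages go away together.
# scrub in on $ext_if all

block in on $ext_if all
pass out on $ext_if proto tcp from any to any keep state
pass in  on $ext_if proto tcp from any to any port 22 keep state
```

To compare the two variants: enable the debug messages with `pfctl -x loud`, load the ruleset with `pfctl -f /etc/pf.conf`, let an outbound session idle past the 30-second mark while watching `pfctl -vss` for the state and the console or dmesg for the messages, then repeat with the other scrub line. Reset the debug level afterwards with `pfctl -x none`, since loud debugging is verbose.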

