Network Problem in FreeBSD 6.2-RELEASE-p5

Lowell Gilbert freebsd-questions-local at
Sun Jun 24 14:29:03 UTC 2007

Please don't top-post.

ExTaZyTi <extazyti at> writes:

> Is the FreeBSD machine performing NAT for the Windows box?
> extazyti: yes with PF firewall. (But I don't have this problem before
> re-build my world+kernel (my last fbsd was fbsd6.2-STABLE. But this problem
> exist again in fbsd6.2-STABLE when I have build option ot drop TCP+SYN and
> have some bug..I donk know what exactly))
> Are you saying that this is a second problem?
> extazyti: YES. because I think limmiting my connectins is normal when I have
> "net.inet.tcp.blackhole=2" but Now I haven't this sysctl option and this is
> problem again.
> How are you doing the scan, and how do you know the ports are not
> really open?
> extazyti: I use PortScan with a delay MS - 20 (He sends TCP4-sockets) and
> ports It's not really open because there is no program to open random ports
> with this values and I use the netstat command. Aslo this problem was again
> before time when I have bugged again my kernel with TCP_DROP SYN+FIN in my
> kernel.

netstat isn't the best way to figure this out.  It can be confusing.  
Try sockstat(1).

> Which sysctl?
> extazyti: ALL, I put "#" before all texts in my sysctl.conf and reboot my
> system.

Check them after the reboot, using the sysctl(8) command and the
particular sysctl.

> Are you sure that the sysctl value changed?
> extazyti: I think yes..after restart and I changed special
> net.inet.tcp.blackhole to "0".

So check it:
    $ sysctl  net.inet.tcp.blackhole 
    net.inet.tcp.blackhole: 0

> Did you look at it after changing it to make sure it really shows up
> as different?
> extazyti: No. But I think reboot changes to default this options when have
> "#" before all texts in /etc/sysctl.conf

If nothing else affects it, yes.  But check to be sure.

> 2007/6/22, Lowell Gilbert <freebsd-questions-local at>:
>> [lists trimmed to just -questions]
>> ExTaZyTi <extazyti at> writes:
>> > I have a serious problem with my network.
>> > I have connected 2 PC's, 1 - FreeBSD, 2 - Windows XP.
>> >
>> > The problem is follow - My FreeBSD limmiting connections , I cannot open
>> > more 224 TCP4-Sockets in my Windows Box.
>> > When I downloading torrent file, I cannot create more connections to the
>> > web, and while this time I can't open for example - web sites.
>> Is the FreeBSD machine performing NAT for the Windows box?
>> > Tow problem who worry myself is when I scan a my freebsd box or other
>> > "server" for open ports its FAKE show me: 81 82 ,83 ,465,463 and other
>> ports
>> > open.. but It's FAKE .. it's not really open..
>> Are you saying that this is a second problem?
>> How are you doing the scan, and how do you know the ports are not
>> really open?
>> > I Cleared my sysctl, and test, cleared my firewall and test, re-build my
>> > kernel with any options changed and test again.. Just don't Work :((
>> Which sysctl?
>> > I have use PF firewall and FreeBSD 6.2-RELEASE-p5.
>> >
>> > I Think this problem is from "net.inet.tcp.blackhole=2" in my sysctl
>> because
>> > it's work before i do sysctl -w net.inet.tcp.blackhole=2..
>> > but when back this option to value = 0 this problem is stay there.. and
>> no
>> > restarts or re-build my kernel can fix this..or maybe be wrong to
>> > this supposition. Sorry for my english.
>> Are you sure that the sysctl value changed?
>> Did you look at it after changing it to make sure it really shows up
>> as different?
> _______________________________________________
> freebsd-questions at mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at"

Lowell Gilbert, embedded/networking software engineer, Boston area

More information about the freebsd-questions mailing list