From owner-freebsd-pf@FreeBSD.ORG Sat May 26 01:27:51 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id DF3E416A41F for ; Sat, 26 May 2007 01:27:51 +0000 (UTC) (envelope-from almarrie@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.247]) by mx1.freebsd.org (Postfix) with ESMTP id 9644D13C458 for ; Sat, 26 May 2007 01:27:51 +0000 (UTC) (envelope-from almarrie@gmail.com) Received: by an-out-0708.google.com with SMTP id c14so345109anc for ; Fri, 25 May 2007 18:27:50 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=op7nYHzEahAJgv3GrTgXjjZpizFSDBXgfcBl1dV++EHVRZGWtsfTh8P4Gf/ZdTPABV0Af4lKm9HNMD1xObxN+9W2mhaoz0fCN5u/GzS+cz+D/zAQkV6KM/Exv1+PnD0gZbbbbmWSY/WjT2dOe4b3Xned3rQR4ZyLhZ+81GJF0Hs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=gFcyzC/VcqslvzPqxiMP1YRJEL1ifFJJ7bS2erpEUvdST5hGufAfKRzulQmDx/GedDriHN1iF357qqAVSPSfcsF1eq8UlOU2bqsTPXFQGEobmeAXVBrssGqYI46nppJoGF341lORVFL/2oYi43EuHPZjeLdNcJIXV73bZ36qdZs= Received: by 10.100.122.8 with SMTP id u8mr3155602anc.1180142869630; Fri, 25 May 2007 18:27:49 -0700 (PDT) Received: by 10.100.9.14 with HTTP; Fri, 25 May 2007 18:27:49 -0700 (PDT) Message-ID: <499c70c0705251827y5297382cs46af00cae15012ed@mail.gmail.com> Date: Sat, 26 May 2007 04:27:49 +0300 From: "Abdullah Ibn Hamad Al-Marri" To: "Kian Mohageri" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <499c70c0705251609s6be5792bl1ca40076c69f6da3@mail.gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: alot of State failure on: 2 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 May 2007 01:27:52 -0000 On 5/26/07, Kian Mohageri wrote: > On 5/25/07, Abdullah Ibn Hamad Al-Marri wrote: > > Hello, > > > > My server is being flooded by a script kiddie against port 7325. > > > What exactly is your question? > > You can decrease the verbosity of PF (read the pfctl man page) if you > don't want to see those messages. > > Kian > My question is, why all these failure msgs and the state-mismatch? Status: Enabled for 1 days 08:28:30 Debug: Loud Hostid: 0x02a0ce3f Interface Stats for fxp0 IPv4 IPv6 Bytes In 13566244426 0 Bytes Out 5093968616 0 Packets In Passed 17739895 0 Blocked 140741343 0 Packets Out Passed 18797493 0 Blocked 1031426 0 State Table Total Rate current entries 113 searches 177905411 1521.7/s inserts 2542930 21.8/s removals 2542817 21.8/s Counters match 140456174 1201.4/s bad-offset 0 0.0/s fragment 1 0.0/s short 0 0.0/s normalize 0 0.0/s memory 51776858 442.9/s bad-timestamp 0 0.0/s congestion 0 0.0/s ip-option 0 0.0/s proto-cksum 0 0.0/s state-mismatch 1464193 12.5/s state-insert 0 0.0/s state-limit 0 0.0/s src-limit 1075 0.0/s synproxy 1889417 16.2/s Am I doing something wrong with me rules causes the failure and the state-mismatch? -- Regards, -Abdullah Ibn Hamad Al-Marri Arab Portal http://www.WeArab.Net/