Date: Thu, 02 Jan 2014 08:16:21 +1300 From: Berend de Boer <berend@pobox.com> To: Gleb Smirnoff <glebius@FreeBSD.org> Cc: freebsd-pf@freebsd.org Subject: Re: Network severely unstable 10.0-PRERELEASE Message-ID: <87a9ffcy2i.wl%berend@pobox.com> In-Reply-To: <20131230191327.GC71033@glebius.int.ru> References: <87sitku33x.wl%berend@pobox.com> <20131225132752.GK71033@FreeBSD.org> <877gasu3oa.wl%berend@pobox.com> <20131226153155.GS71033@glebius.int.ru> <87ob3zcavs.wl%berend@pobox.com> <20131230191327.GC71033@glebius.int.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
--pgp-sign-Multipart_Thu_Jan__2_08:16:20_2014-1
Content-Type: text/plain; charset=US-ASCII
>>>>> "Gleb" == Gleb Smirnoff <glebius@FreeBSD.org> writes:
Gleb> Can you please try attached patch? I hope it'll fix the
Gleb> panic.
Have been running this without the rule change, to see if it doesn't
introduce any adverse effects. So far so good. When I'm back from
holiday (this Saturday), I'll enable the bad keyword.
Gleb> No idea on how good will your rule work, however.
I have no idea either! A bit harder to test, the goal was to make
games/voip udp work a bit better without having to allocate ports.
I think I could just write:
nat on egress from any to any -> (egress) round-robin sticky-address
instead of what I have now:
nat pass on egress proto udp from any port $voip_ports to any -> (egress) static-port
nat pass on egress from any to any -> (egress) sticky-address
--
All the best,
Berend de Boer
--pgp-sign-Multipart_Thu_Jan__2_08:16:20_2014-1
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit
Content-Description: OpenPGP Digital Signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
iQIcBAABCAAGBQJSxGmEAAoJEKOfeD48G3g52UYP/1eiejLLHh1f10TG8WZi2v+l
bhjbdgarV9PR5lMmHi6rkthB+RXuG2ogBZKVX4XAQ/zC4ezu/e83SwvfP44d7ymh
/bepDCnKuo2i7NV28XfpI9TDBO84+MMNyMeHYX5oAjF1RN58qh31WvwfxVyJrqbM
HmVh/ZUWS/XDDNWrobwG8Ko1GUMJYUFga5T0bHajT+fLVgn/woJbDfMshQEv6x0H
P+sUkcAfJ1Dxu74xxBIG/4fzqw1F2dFn6drg1poUy5nU/GyYlNojpwkfQmip3LPc
CY+6AVYq0gGsdJfu4ixkIYCNWj0UVmkPaMT+GrevlQ8thJEG+CjY3jyJeSLJS+/h
/gz7wCBjAuv8t5Ikr54BX6Y6izH5E997yRkOIbp87DUCjwgo/Hy7L35tuLPnIeOz
0G9h1u8oDGErkeKppq46FQDf4cntWtsrR7IGi4vTZICGsDSbvtPmIkgD7yCSN1zS
rToTCr4NzSuiyWfhjvNDu0caIFhntnquhMzhXaBdczU1W3s2DtDPqxTcXOSNMT/W
wbpg1qY0FyExSbFlH6zC/X6LfP0qfd4C2mahM15umJC3yNFFvBSNuH6lw88ZgQFM
oiGsAMiiBIUg46Jjro+a9NPctlegNdXY/A4Fpfrr2gfj+g4mIvg8P+NW0BbPgRdo
z49I0+WU9XCYQ7sCzAMp
=35ki
-----END PGP SIGNATURE-----
--pgp-sign-Multipart_Thu_Jan__2_08:16:20_2014-1--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87a9ffcy2i.wl%berend>