Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 2 Jul 2000 23:41:18 -0400
From:      "Sean O'Connell" <sean@stat.Duke.EDU>
To:        "Chad R. Larson" <chad@DCFinc.com>
Cc:        marki@paradise.net.nz, freebsd-stable@FreeBSD.ORG
Subject:   Re: [Fwd: telnet/tcp problems in 4.0-RELEASE]
Message-ID:  <20000702234118.N65450@stat.Duke.EDU>
In-Reply-To: <200007030318.UAA18920@freeway.dcfinc.com>; from chad@DCFinc.com on Sun, Jul 02, 2000 at 08:18:52PM -0700
References:  <Pine.BSF.4.21.0007020836470.28797-100000@deimos.ldc.net> <200007030318.UAA18920@freeway.dcfinc.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Chad R. Larson stated:
: As I recall, Alexander Nazarenko wrote:
: > I think you have ftpd with identd support on local machine, and there
: > is no identd running on it and kernel compilled with "dropping" rst
: > packets.  Try to turn on identd.
: 
: Anyone know off the top of their heads the timeout for ident, and
: for a DNS lookup?

The more I think about this problem, it might prove useful to
enable the log-in-vain feature and then maybe we can see if it
is a problem with something expecting an identd or similar.

Adding 

log_in_vain="YES"

to /etc/rc.conf will keep it across reboots, and running

sysctl -w net.inet.tcp.log_in_vain=1
sysctl -w net.inet.udp.log_in_vain=1

will enable it.  This is also useful for watching port scans :)

Also, another thing that will cause a goodly hang is if you have
enabled the blackhole feature on either tcp or udp.

Hope any/some of this is helpful.
S
-- 
1--------01---------01--------01--------01--------01--------01--------0
Sean O'Connell                                       sean@stat.Duke.EDU


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000702234118.N65450>