Date: Tue, 16 Mar 2004 15:37:16 +0300 From: Zherdev Anatoly <tolyar@mx.ru> To: Gleb Smirnoff <glebius@cell.sick.ru> Cc: freebsd-net@freebsd.org Subject: Re: Problem with closing tcp session between cisco and freebsd Message-ID: <20040316153716.099448ac@dwarf.demos.su> In-Reply-To: <20040316123424.GA17010@cell.sick.ru> References: <20040316125335.5f64cac5@dwarf.demos.su> <20040316131256.015a082d@dwarf.demos.su> <4056D84C.514EC45C@freebsd.org> <Pine.BSF.4.53.0403161129010.51220@e0-0.zab2.int.zabbadoz.net> <20040316151832.3f8b9012@dwarf.demos.su> <20040316123424.GA17010@cell.sick.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 16 Mar 2004 15:34:24 +0300 Gleb Smirnoff <glebius@cell.sick.ru> wrote: > Z> But in IPFW i have ACCEPT by default and only this deny rules: > Z> > Z> 00200 deny ip from any to 127.0.0.0/8 > Z> 00300 deny ip from 127.0.0.0/8 to any > Z> 00400 deny log logamount 100 tcp from any to any 135-139,445,593 > Z> 00500 deny log logamount 100 udp from any to any 135-139,445 > Z> 01100 deny tcp from any to any 22 in recv fxp1 > Z> 01600 reset tcp from any to any 113 > Z> > Z> I make ipfw flush when i see this situation and keep only > Z> 65535 allow ip from any to any > Z> but problem was not resolved and tcp session not ended. > > Another snap question: > > what is value of net.inet.tcp.blackhole sysctl? sysctl -a | grep blackhole net.inet.tcp.blackhole: 0 net.inet.udp.blackhole: 0 -- Zherdev Anatoly.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040316153716.099448ac>