Date: Wed, 26 Apr 2006 02:29:15 +0400 From: Oleg Bulyzhin <oleg@freebsd.org> To: Ivan Voras <ivoras@fer.hr> Cc: stable@freebsd.org Subject: Re: ipfw problems? Message-ID: <20060425222915.GC88447@lath.rinet.ru> In-Reply-To: <444E173B.6020003@fer.hr> References: <444E160D.3000401@fer.hr> <444E173B.6020003@fer.hr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Apr 25, 2006 at 02:34:03PM +0200, Ivan Voras wrote: > > I forgot to add, here is the ipfw ruleset: > > 00500 691658783 639225488899 allow ip from any to any via lo0 > 01000 99014 6833994 allow icmp from any to any > 05000 160430605 76502643136 allow tcp from me to any setup keep-state > 05100 1002529 109535100 allow udp from me to any keep-state > 05500 6900233 3554390307 allow tcp from X.X.X.107 to me setup keep-state > 05505 0 0 allow udp from X.X.X.107 to me keep-state > 06022 258788 52462014 allow tcp from X.X.X.0/24 to me dst-port 22 > setup keep-state > 06080 300599299 153827836772 allow tcp from any to me dst-port 80 setup > keep-state > 06443 9801709 3876114253 allow tcp from any to me dst-port 443 setup > keep-state > 65400 2381270 592034925 deny log ip from any to any > 65535 0 0 deny ip from any to any > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" Next time this happen check following sysctls: net.inet.ip.fw.dyn_max net.inet.ip.fw.dyn_count I guess you've hit the limit. -- Oleg.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060425222915.GC88447>