Date: Tue, 20 Nov 2007 07:53:34 +0100 From: Daniel Hartmeier <daniel@benzedrine.cx> To: Jan Srzednicki <w@wrzask.pl> Cc: freebsd-stable@freebsd.org, freebsd-pf@freebsd.org Subject: Re: pf(4) using inapropriate timeout values, 6.2-R Message-ID: <20071120065334.GJ29432@insomnia.benzedrine.cx> In-Reply-To: <20071119202142.GI2045@oak.pl> References: <20071119202142.GI2045@oak.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Nov 19, 2007 at 09:21:42PM +0100, Jan Srzednicki wrote:
> I'm positively sure it's precisely this value that timeouts this
> conection (which later on get state mismatches).
What does pfctl -vvss show for such a state entry, in particular the
right-most part of the first line ("ESTABLISHED:ESTABLISHED" while the
connection is still fully established, etc.)?
Does it matter which side of the connection (the client or the server)
half-closes the connection?
It's possible that there's a bug in mapping the timeout, I'll check.
Daniel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071120065334.GJ29432>