Date: Wed, 5 Sep 2001 10:13:25 -0500 From: "David W. Chapman Jr." <dwcjr@inethouston.net> To: Jason DiCioccio <geniusj@bluenugget.net> Cc: stable@freebsd.org Subject: Re: ipnat bug Message-ID: <20010905101325.J45611@leviathan.inethouston.net> In-Reply-To: <20010905080631.A75031@bluenugget.net> References: <20010905084833.F45611@leviathan.inethouston.net> <200109051359.f85Dxrw14875@cwsys.cwsent.com> <20010905090355.I45611@leviathan.inethouston.net> <20010905080631.A75031@bluenugget.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Sep 05, 2001 at 08:06:31AM -0700, Jason DiCioccio wrote: > On Wed, Sep 05, 2001 at 09:03:55AM -0500, David W. Chapman Jr. wrote: > > On Wed, Sep 05, 2001 at 06:59:16AM -0700, Cy Schubert - ITSD Open Systems Group wrote: > > > In message <20010905084833.F45611@leviathan.inethouston.net>, "David W. > > > Chapman > > > Jr." writes: > > > > I'm not sure what the stats say, because since you told me what to > > > > look for I have no been able to reproduce it. Sometimes it happens > > > > whithin a day, sometimes a week or two. > > > > > > You might want to try posting this on the IP Filter mailing list: > > > ipfilter@coombs.anu.edu.au. Darren Reed, author and maintainer of IP > > > Filter, is quite active on that ilst. > > > > > > > > Thanks, I plan on it once the bug shows it self again and I can > > provide the propper output showing so. > > > > -- > > David W. Chapman Jr. > > I was actually heading towards state table size issues by the way.. But it does > not actually look like that is the issue (since ipnat -CF would not fix this). > When did I say that? I said ipnat -CF *DOES fix it incase I mistyped something, that's what I meant. > Worth a shot though I suppose.. When it happens again look in the ipfstat -s for > the 'Maximum' value, it shouldn't be above 0. Of course it's worth looking at > everything that others have suggested too. Unless you have no stateful rules ;) > Good luck, let us know when it happens again :-) > One thing to note, I'm not using ipf, only ipnat and ipfilter with default empty ruleset -- David W. Chapman Jr. dwcjr@inethouston.net Raintree Network Services, Inc. <www.inethouston.net> dwcjr@freebsd.org FreeBSD Committer <www.FreeBSD.org> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010905101325.J45611>