Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 2 Aug 2007 17:15:17 +0200
From:      Max Laier <max@love2party.net>
To:        freebsd-pf@freebsd.org
Subject:   Re: pf eates syn packet?
Message-ID:  <200708021715.25167.max@love2party.net>
In-Reply-To: <200708021502.l72F2PCu004207@pinky.frank-behrens.de>
References:  <200708011233.l71CX4Od082534@pinky.frank-behrens.de> <200708021502.l72F2PCu004207@pinky.frank-behrens.de>
next in thread | previous in thread | raw e-mail | index | archive | help 
--nextPart1408523.uZKQp927Sn
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

On Thursday 02 August 2007, Frank Behrens wrote:
> Frank Behrens <frank@pinky.sax.de> wrote on 2 Aug 2007 13:29:
> >....
> > Aug  2 13:17:26 <kern.crit> moon kernel: pf: state insert failed:
> > tree_ext_gwy lan: 84.182.237.27:50517 gwy: 84.182.237.27:50517 ext:
> > 193.99.144.85:80
>
> The new pf(4) from
> http://people.freebsd.org/~mlaier/PF41/
> on FreeBSD 6.2-STABLE-200708021147 i386 shows the same problem. :-(
>
> Is this a problem for pf(4) on FreeBSD or should the report be sent to
> OpenBSD?

Can you follow up with the complete pf.conf you are using?  The "state=20
insert failed" error suggests a logic problem in your config (or a missed=20
PF_TAG_GENERATED somewhere).  It seems that the same packet is run=20
through the firewall twice, generating state on the first run, but not=20
matching it on the second ... somehow strange.

=2D-=20
/"\  Best regards,                      | mlaier@freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News

--nextPart1408523.uZKQp927Sn
Content-Type: application/pgp-signature; name=signature.asc 
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)

iD8DBQBGsfUNXyyEoT62BG0RAjGSAJ9DGuZcbqbY8e/c7cFDsl74vIUqDwCfQytz
mTeiUFGyCcHKQftcQ7hBKRU=
=yFYD
-----END PGP SIGNATURE-----

--nextPart1408523.uZKQp927Sn--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200708021715.25167.max>