Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 07 Nov 2006 00:08:33 +0300
From:      "Marat N.Afanasyev" <amarat@ksu.ru>
To:        freebsd-net@freebsd.org
Subject:   a very strange netstat output and problem when using transparent proxy
Message-ID:  <454FA451.2030407@ksu.ru>

next in thread | raw e-mail | index | archive | help
Hello!

I've encountered a very strange situation about two hours ago. I use 
squid as transparent proxy and forward all the packets from port 80 to 
port 8000. Problem is, first of all, I have a lot of ierrs on interface 
when looking to interface stats using netstat. The second problem is far 
more serious: after a short period of time I have a completely frozen 
system that can only send data, but very rarely receive and generates a 
huge amount of ierrs on interface.

ipfw rules are as follows:

00001 allow ip from any to any via lo0
00002 deny ip from any to 127.0.0.0/8
00003 deny ip from 127.0.0.0/8 to any
00010 fwd xx.xx.xx.xx,8000 tcp from any to me dst-port 80
65535 allow ip from any to any

problem with ierrs disappears after I delete rule with forward, but I 
need this rule :(

-- 
SY, Marat



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?454FA451.2030407>