Date: Sun, 24 Jun 2007 10:28:57 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: ExTaZyTi <extazyti@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Network Problem in FreeBSD 6.2-RELEASE-p5 Message-ID: <44fy4hh1ee.fsf@Lowell-Desk.lan> In-Reply-To: <468d29450706221101w6572c8c1h6f8b5a30c9331437@mail.gmail.com> (extazyti@gmail.com's message of "Fri\, 22 Jun 2007 21\:01\:21 %2B0300") References: <468d29450706210715m31c112acs1936dabf1b287d82@mail.gmail.com> <44hcp0dqe8.fsf@be-well.ilk.org> <468d29450706221101w6572c8c1h6f8b5a30c9331437@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Please don't top-post.
ExTaZyTi <extazyti@gmail.com> writes:
> Is the FreeBSD machine performing NAT for the Windows box?
> extazyti: yes with PF firewall. (But I don't have this problem before
> re-build my world+kernel (my last fbsd was fbsd6.2-STABLE. But this problem
> exist again in fbsd6.2-STABLE when I have build option ot drop TCP+SYN and
> have some bug..I donk know what exactly))
>
> Are you saying that this is a second problem?
> extazyti: YES. because I think limmiting my connectins is normal when I have
> "net.inet.tcp.blackhole=2" but Now I haven't this sysctl option and this is
> problem again.
>
> How are you doing the scan, and how do you know the ports are not
> really open?
> extazyti: I use PortScan with a delay MS - 20 (He sends TCP4-sockets) and
> ports It's not really open because there is no program to open random ports
> with this values and I use the netstat command. Aslo this problem was again
> before time when I have bugged again my kernel with TCP_DROP SYN+FIN in my
> kernel.
netstat isn't the best way to figure this out. It can be confusing.
Try sockstat(1).
> Which sysctl?
> extazyti: ALL, I put "#" before all texts in my sysctl.conf and reboot my
> system.
Check them after the reboot, using the sysctl(8) command and the
particular sysctl.
> Are you sure that the sysctl value changed?
> extazyti: I think yes..after restart and I changed special
> net.inet.tcp.blackhole to "0".
So check it:
$ sysctl net.inet.tcp.blackhole
net.inet.tcp.blackhole: 0
$
> Did you look at it after changing it to make sure it really shows up
> as different?
> extazyti: No. But I think reboot changes to default this options when have
> "#" before all texts in /etc/sysctl.conf
If nothing else affects it, yes. But check to be sure.
> 2007/6/22, Lowell Gilbert <freebsd-questions-local@be-well.ilk.org>:
>>
>> [lists trimmed to just -questions]
>>
>> ExTaZyTi <extazyti@gmail.com> writes:
>>
>> > I have a serious problem with my network.
>> > I have connected 2 PC's, 1 - FreeBSD, 2 - Windows XP.
>> >
>> > The problem is follow - My FreeBSD limmiting connections , I cannot open
>> > more 224 TCP4-Sockets in my Windows Box.
>> > When I downloading torrent file, I cannot create more connections to the
>> > web, and while this time I can't open for example - web sites.
>>
>> Is the FreeBSD machine performing NAT for the Windows box?
>>
>> > Tow problem who worry myself is when I scan a my freebsd box or other
>> > "server" for open ports its FAKE show me: 81 82 ,83 ,465,463 and other
>> ports
>> > open.. but It's FAKE .. it's not really open..
>>
>> Are you saying that this is a second problem?
>>
>> How are you doing the scan, and how do you know the ports are not
>> really open?
>>
>> > I Cleared my sysctl, and test, cleared my firewall and test, re-build my
>> > kernel with any options changed and test again.. Just don't Work :((
>>
>> Which sysctl?
>>
>> > I have use PF firewall and FreeBSD 6.2-RELEASE-p5.
>> >
>> > I Think this problem is from "net.inet.tcp.blackhole=2" in my sysctl
>> because
>> > it's work before i do sysctl -w net.inet.tcp.blackhole=2..
>> > but when back this option to value = 0 this problem is stay there.. and
>> no
>> > restarts or re-build my kernel can fix this..or maybe be wrong to
>> > this supposition. Sorry for my english.
>>
>> Are you sure that the sysctl value changed?
>> Did you look at it after changing it to make sure it really shows up
>> as different?
>>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>
--
Lowell Gilbert, embedded/networking software engineer, Boston area
http://be-well.ilk.org/~lowell/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44fy4hh1ee.fsf>