Re: ipfw problems?
- From: Oleg Bulyzhin <oleg@xxxxxxxxxxx>
- Date: Wed, 26 Apr 2006 02:29:15 +0400
On Tue, Apr 25, 2006 at 02:34:03PM +0200, Ivan Voras wrote:
I forgot to add, here is the ipfw ruleset:
00500 691658783 639225488899 allow ip from any to any via lo0
01000 99014 6833994 allow icmp from any to any
05000 160430605 76502643136 allow tcp from me to any setup keep-state
05100 1002529 109535100 allow udp from me to any keep-state
05500 6900233 3554390307 allow tcp from X.X.X.107 to me setup keep-state
05505 0 0 allow udp from X.X.X.107 to me keep-state
06022 258788 52462014 allow tcp from X.X.X.0/24 to me dst-port 22
setup keep-state
06080 300599299 153827836772 allow tcp from any to me dst-port 80 setup
keep-state
06443 9801709 3876114253 allow tcp from any to me dst-port 443 setup
keep-state
65400 2381270 592034925 deny log ip from any to any
65535 0 0 deny ip from any to any
_______________________________________________
freebsd-stable@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@xxxxxxxxxxx"
Next time this happen check following sysctls:
net.inet.ip.fw.dyn_max
net.inet.ip.fw.dyn_count
I guess you've hit the limit.
--
Oleg.
_______________________________________________
freebsd-stable@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: ipfw problems?
- From: Ivan Voras
- Re: ipfw problems?
- References:
- ipfw problems?
- From: Ivan Voras
- Re: ipfw problems?
- From: Ivan Voras
- ipfw problems?
- Prev by Date: Re: /usr/libexec/save-entropy, IPv4: not found
- Next by Date: Re: ath0: ath_chan_set: unable to reset channel 5 (2432 Mhz, flags 0x3e0 hal flags 0x140)
- Previous by thread: Re: ipfw problems?
- Next by thread: Re: ipfw problems?
- Index(es):
Relevant Pages
|
|
