On 19.12.2017 13:15, wishmaster wrote:
> Hi,
>
> after I have applied ng_patch for setting TTL for outgoing packets with below
> rules
>
> kldload ng_ipfw 2>/dev/null
> kldload ng_patch 2>/dev/null
>
> /usr/sbin/ngctl -f- <<-SEQ
> mkpeer ipfw: patch 100 in
> name ipfw:100 ttl_set
> msg ttl_set: setconfig { count=1 csum_flags=1 ops=[ \
> { mode=1 value=128 length=1 offset=8 } ] }
> SEQ
>
> /sbin/ipfw add 15002 netgraph 100 ip from me to not me recv "*"
Why do you have incoming ip packets sourced from your IP?
This generally means source was spoofed and such incoming packets
should be silently dropped.
> What is this?
"After" does not mean "because of". Your processes ate all memory and swap
and ng_patch cannot be responsible for that.
_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
