Linda Messerschmidt wrote:
> 1) TCP connections (mainly port 80) sometimes take 3 seconds to get
> started instead of being virtually instant.
> 2) Sometimes HTTP connections just stop responding. (Client program
> times out waiting for response.)
> 3) Sometimes connections get weirdly dropped ("Connection reset by
> peer.") 4) Sometimes if I am ssh'd through the firewall, something
> will happen and my inbound packets will start getting dropped, but
> outbound packets still pass. For example, if I'm at the shell
> prompt, it is non-responsive. But if I log alongside a stuck
> connection and "write" to that tty, I will see it no problem.
> 5) States that have no right to still be there continue to pile up
> into the hundreds of thousands.
If no suggestion helped so far try to scrub the mss to a smaller value
like 1400 or even lower.
Helmut
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
