Interesting I'll see if I can plug away with this and produce something similar to that using your rules once I can get past this kernel problem I have . . . ;-) definately a point release
-- Jason Hellenthal Voice: 95.30.17.6/616 JJH48-ARIN > On Jan 27, 2014, at 22:26, Robert Simmons <rsimmo...@gmail.com> wrote: > > On Mon, Jan 27, 2014 at 4:06 PM, Jason Hellenthal > <jhellent...@dataix.net> wrote: >> >> I've seen similar things happen on SSH, that were due to a combination of >> "scrub"ing and states expiring. Turning off scrub rules on SSH specifically >> cured the scenario for me but I don't see an indication of whether or not >> you are using that. > > I am not using any scrubbing rules. > >> You could also verify the states dropping by changing the optimization to >> conservative. > > The problem does not seem to be happening today, so I will try this > when it happens again: > set optimization conservative > > However, the problem does not interrupt my ssh session with the > server, so I don't think that its dropping an idle connection. It > looks just to be blocking some packets involved with a connection. > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
smime.p7s
Description: S/MIME cryptographic signature
