On 13/10/2020 11:19, Kristof Provost wrote:
On 13 Oct 2020, at 10:58, Eugene M. Zheganin wrote:
Is there some issue with pf and hn interfaces that I'm unaware about?
There’s no interface specific code in pf, so it wouldn’t be specific to
hn interfaces.
Are these symptoms of a bug ?
Perhaps. It can also be a symptom of resource exhaustion.
Are there any signs of memory allocation failures, or incrementing error
counters (in netstat or in pfctl)?
I have seen this kind of errors in VirtualBox with PF and emulated Intel
interface (emX)
Oct 1 22:42:19 bobik postfix/smtp[35330]: connect to
aspmx.l.google.com[108.177.126.27]:25: Permission denied
Oct 1 22:42:19 bobik postfix/smtp[36246]: connect to
aspmx.l.google.com[108.177.126.27]:25: Permission denied
Oct 1 22:42:19 bobik postfix/smtp[35330]: connect to
alt2.aspmx.l.google.com[108.177.97.27]:25: Permission denied
Oct 1 22:42:19 bobik postfix/smtp[36246]: connect to
alt1.aspmx.l.google.com[172.253.118.27]:25: Permission denied
Oct 1 22:42:19 bobik postfix/smtp[35330]: connect to
alt1.aspmx.l.google.com[172.253.118.27]:25: Permission denied
Oct 1 22:42:19 bobik postfix/smtp[36246]: connect to
alt2.aspmx.l.google.com[108.177.97.27]:25: Permission denied
I think it is related to states table exhaustion (reported in
freebsd-pf@ mailing list about a week ago).
My firewall rules are open for all outgoing traffic.
So I think your problem is related to some resource exhaustion too.
Kind regards
Miroslav Lachman
_______________________________________________
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
