Till now the firewalls seems to be stable. No panic for now. It seems
the first small step was in the right direction...
Thank you Rogier.
Now my last problem regards the pf weird logs. I have two type of
strange logs:
1)
Jun 27 15:51:09 ip-11-53 /bsd: pfsync: ignoring stale update (4) id:
42bae8be0030af70 creatorid: 23e81a47
2)
Jun 27 15:24:05 ip-11-52 /bsd: pf: BAD state: TCP 62.94.11.44:28003
83.211.3.20:28003 85.33.52.26:1088
[lo=4256108960 high=4256114800 win=17520 modulator=0]
[lo=346282809 high=346300240 win=5840 modulator=0]
4:4 FPA seq=188091771 ack=4256108960 len=125 ackskew=0 pkts=768:692
dir=out,rev
Jun 27 15:24:05 ip-11-52 /bsd: pf: State failure on: 2 | 6
The 1st message appears very often (up to 30-40 times in the same
second) and the 2nd appears 1 times at second).
Googling around the net I didn't found anithing usefull.
Someone can give me some hints on how interpret the messages?
Thanks
Paolo
P.S.: the firewall handle the traffic directed to some multiplayer game
application server. In normal situation there are about 800 established
tcp connection flowing throught the fws consuming a bandwidth of about 2
Mbit/s.
Paolo Perrucci ha scritto:
Ok, I replaced syncif with syncdev on both fws.
Waiting for the next panic...
Thanks
Paolo
Rogier Krieger ha scritto:
On 6/24/05, Paolo Perrucci <[EMAIL PROTECTED]> wrote:
hostname.pfsync0: up syncif rl0
To start with small steps: how about replacing syncif with syncdev for
the hostname.pfsync0 files? IIRC, syncif is deprecated as of 3.7. For
more info, see ifconfig(8).
Cheers,
Rogier
