bah! I missed conveying this point in my haste to send the original post (many apologies).

When the firewalls stopped passing traffic they didn't stop altogether, but rather it seemed that anything with established state continued to pass, while anything seeking new state was not passed even though pflog made it look as if it were.

On Wed, Oct 17, 2012 at 11:51 AM, Bennett Samowich <bsamow...@gmail.com> wrote:
> I just had an event for which I'm having trouble identifying the root cause. I'm
> hoping that someone might have encountered this or might be able to point me
> toward some things to check.
>
> Yesterday we had an event where our primary firewall would stop passing
> traffic. The only thing short of a reboot that would restore service was to
> run 'sh /etc/netstart pfsync0'. Resetting pfsync's physical interface or
> pulling that cable didn't produce results. Only resetting the pfsync0
> virtual interface would restore service. I'm not even sure what
> information would be helpful to provide or what other questions to ask. I
> also found it odd that the two servers did not show the same number of state
> entries by a difference of anywhere from 100 to 1000s. Is this typical?
>
> Thanks,
> Bennett
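One check that helps answer the "is this divergence typical?" question is to track the state-table sizes of both pfsync peers over time rather than eyeballing them once. The script below is an added example, not code from the thread or from the OpenBSD project: it extracts the "current entries" count from `pfctl -si` output on each host and flags divergence above a percentage threshold. The two `pfctl -si` samples are constructed, their layout is assumed to match the real output (a "current entries" line under "State Table" with the count as the third field), and the 5% threshold is an arbitrary starting point; in practice you would feed it the live output of the two firewalls and alert or log when it reports DIVERGENT.

```shell
#!/bin/sh
# Added example (not from the thread): compare pf state-table sizes reported by
# two pfsync peers and flag divergence above a threshold. Input is the text of
# `pfctl -si` from each host; the samples further down are constructed.

# Print the "current entries" count from `pfctl -si` output read on stdin.
# Assumes the line looks like "  current entries   8412" (count is field 3).
state_count() {
    awk '/^ *current entries/ { print $3; exit }'
}

# Compare two counts; print a summary and return 1 when the difference,
# as a percentage of the larger count, exceeds the threshold.
check_divergence() {
    a="$1"; b="$2"; threshold_pct="$3"
    if [ "$a" -ge "$b" ]; then delta=$((a - b)); big=$a; else delta=$((b - a)); big=$b; fi
    if [ "$big" -eq 0 ]; then pct=0; else pct=$((delta * 100 / big)); fi
    if [ "$pct" -gt "$threshold_pct" ]; then
        echo "DIVERGENT: primary=$a secondary=$b delta=$delta (${pct}%)"
        return 1
    fi
    echo "OK: primary=$a secondary=$b delta=$delta (${pct}%)"
    return 0
}

# Constructed sample output in the assumed `pfctl -si` layout.
PRIMARY_SI='Status: Enabled for 3 days 04:12:09           Debug: Urgent

State Table                          Total             Rate
  current entries                     8412
  searches                        93812211         358.9/s
  inserts                          1201233           4.6/s
  removals                         1192821           4.6/s'

SECONDARY_SI='Status: Enabled for 3 days 04:11:55           Debug: Urgent

State Table                          Total             Rate
  current entries                     7190
  searches                        90112211         344.6/s
  inserts                          1190023           4.5/s
  removals                         1182833           4.5/s'

# In real use, replace the samples with e.g. `ssh fw1 pfctl -si` and
# `ssh fw2 pfctl -si` and run this from cron so the history is kept.
main() {
    p=$(printf '%s\n' "$PRIMARY_SI" | state_count)
    s=$(printf '%s\n' "$SECONDARY_SI" | state_count)
    check_divergence "$p" "$s" 5
}

if main "$@"; then :; else echo "state tables diverge beyond threshold"; fi
```

With the constructed samples the script reports DIVERGENT (8412 vs 7190 is about a 14% gap). A persistent gap of that size, as opposed to a brief one during a burst of new connections, is the kind of signal worth correlating with pfsync interface counters and the pflog entries for new states that were logged as passed but never got service.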