I had an issue like this a couple years ago. Turned out that the
Solaris box I was SSH-ing into had NWAM misconfigured, which was causing
it to periodically reset connections. It looked like a PF issue because
what I saw was PF blocking a session it had previously accepted, but the
reality was that it had already removed that session from its table.
K.
On 2/9/11 1:58 PM, a b wrote:
Hello list,
At the top of my pf.conf, I have the following :
pass in quick inet from <admin_nets> to any queue q_admin
And right at the bottom :
block in log quick to <server_interfaces>
I can establish an SSH connection with no problem. But consistently after
about 30 seconds, my session hangs.
In the logs I get :
rule 144/(match) block in on vlan5: 10.10.10.10.53675 > 11.11.11.11.22: . ack 1277 win 65535 <nop,nop,timestamp 20097852 1792825903> (DF) [tos 0x10]
Where rule 144 is the block rule mentioned above.
I have tried the following more specific pass rule above the previous admin rule :
pass in quick inet proto tcp from <admin_nets> to any port ssh flags S/SAFR keep state queue q_admin
But that makes no difference.
What am I doing wrong ?
Tim
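Added example, not part of the original thread: a small Python filter for pflog lines in the format quoted above. It picks out blocked TCP segments that carry no SYN flag; PF only evaluates the ruleset for a packet when no state entry matched it, so such a line means the connection's state was missing when the packet arrived. The function names are hypothetical, and the second and third sample lines are constructed for illustration.

```python
import re

# Old-style tcpdump output read from pflog, as quoted in the thread:
#   rule N/(reason) action dir on iface: src.sport > dst.dport: FLAGS ...
# FLAGS is "." when none of SYN/FIN/PUSH/RST is set (a bare ACK).
PFLOG_RE = re.compile(
    r"rule (?P<rule>\d+)/\((?P<reason>\w+)\) (?P<action>block|pass) "
    r"(?P<dir>in|out) on (?P<iface>\S+): "
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): "
    r"(?P<flags>[SFPRWE.]+)(?=\s|$)"
)

SAMPLE = [
    # Log line from the thread.
    "rule 144/(match) block in on vlan5: 10.10.10.10.53675 > "
    "11.11.11.11.22: . ack 1277 win 65535 "
    "<nop,nop,timestamp 20097852 1792825903> (DF) [tos 0x10]",
    # Constructed: a new connection attempt (SYN) hitting the block rule.
    "rule 144/(match) block in on vlan5: 10.20.20.20.40000 > "
    "11.11.11.11.22: S 1000:1000(0) win 16384 (DF)",
    # Constructed: a SYN accepted by a pass rule.
    "rule 3/(match) pass in on vlan5: 10.10.10.10.53675 > "
    "11.11.11.11.22: S 500:500(0) win 65535 (DF)",
]

def parse_pflog_line(line):
    """Return the fields of one pflog TCP line as a dict, or None."""
    m = PFLOG_RE.search(line)
    if m is None:
        return None  # non-TCP or unrecognised line
    entry = m.groupdict()
    for key in ("rule", "sport", "dport"):
        entry[key] = int(entry[key])
    return entry

def lost_state_suspects(lines):
    """Blocked TCP segments without SYN: mid-connection packets, no state."""
    suspects = []
    for line in lines:
        entry = parse_pflog_line(line)
        if entry and entry["action"] == "block" and "S" not in entry["flags"]:
            suspects.append(entry)
    return suspects

if __name__ == "__main__":
    for e in lost_state_suspects(SAMPLE):
        print("rule %(rule)d blocked %(src)s:%(sport)d -> %(dst)s:%(dport)d "
              "flags=%(flags)s (no matching state)" % e)
```

Comparing the flagged source and destination against the output of pfctl -ss at the same moment shows whether the state entry is really absent.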