Thank you for your replies so far.
Interestingly enough, killing off stateful
filtering seems to have done the
trick.
The router happens to be running BGP
along with another couple of OpenBSD boxes
also running BGP.
After much
extensive digging, I eventually found this little paragraph from
> I have
> tried the following more specific pass rule above the previous admin rule
> :
> pass in quick inet proto tcp from to any port ssh flags
S/SAFR
> keep
> state queue q_admin
>
>
> But that makes no difference.
Is it under testing or production?
Is it possible to remove *queue q_admin* f
I had an issue like this a couple years ago. Turned out that the
Solaris box I was SSH-ing into had NWAM misconfigured, which was causing
it to periodically reset connections. It looked like a PF issue because
what I saw was PF blocking a session it had previously accepted, but the
reality wa
Hello list,
At the top of my pf.conf, I have the following :
pass in quick
inet from to any queue q_admin
And right at the bottom :
block
in log quick to
I can establish an SSH connection with
no problem. But consistently after
about 30 seconds, my session hangs.
In
the logs I get :
r
4 matches
Mail list logo