You probably don't need the "keep frags" part of the rule for this application. Weird problem.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Amadeus Stevenson
Sent: Saturday, July 09, 2005 5:38 PM
To: NetBSD Users
Cc: [email protected]
Subject: sshd down randomly, back up after ~10 mins?

Hello,

Apologies if incorrect place to post (netbsd-help?).

I have sshd running on

NetBSD GATEWAY 2.0 NetBSD 2.0 (RALTQ) #0: Sun Feb 6 22:27:10 GMT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RALTQ i386

with ipf rule

pass in quick on rtk0 proto tcp from any to rtk0/32 port = 22 flags S keep state keep frags

Every once in a while, in a way which I can't reproduce, my ssh sessions lock up and I am then disconnected. I cannot reconnect via sshd. However httpd continues to function "normally".

If I nmap the machine remotely it shows the sshd port as "filtered", i.e. the sshd is not responding. Normally it is "open". httpd is open at all times.

I changed LogLevel DEBUG in sshd_config and the following corresponds in authlog:

Jul 9 22:12:06 GATEWAY sshd[27212]: Read error from remote host my.ip.address: Connection timed out

Otherwise there are no entries in /var/log/messages or /var/authlog.

The pid remains the same before and after this happens, so sshd is not restarted. ssh comes alive again after ~5/10 minutes.

Does anyone know why this would happen? Or better still: how can I debug more? I have a default-block-all on the machine, but ipmon doesn't show any blocked packets when I regain access and check.

Any ideas would be appreciated. This didn't always seem to happen...

Amadeus
