Hi there,
Not sure if I understand this right but I see this:
ipfstat -sl | grep ttl | wc
672 2773 10561
When ipfstat -s is:
IP states added:
29109 TCP
11949 UDP
13077 ICMP
5496883 hits
14496654 misses
0 maximum
0 no memory
955 bkts in use
1002 active
25011 expired
28122 closed
Shouldn't ipfstat -sl show about 1002 states?
Thanks,
--Wes
On Aug 14, 2006, at 12:03 PM, Darren Reed wrote:
Hi there,
running FreeBSD 6.1 stable with:
ipf: IP Filter: v4.1.13 (416)
Kernel: IP Filter: v4.1.13
Running: yes
Log Flags: 0x20000000 = block
Default: block all, Logging: available
Active list: 1
Feature mask: 0xa
..
If we run ipfstat -FS it only clears a few states.. If I run
ipfstat -
sl we only see a fraction of the states.
On previous versions ipfstat -FS always knocked the state table to
zero then it started building again.
I think you mean "ipf -FS". Try "ipf -FS -Fs".
Darren
