Using "pfctl -vss" I see a few states that are in FIN_WAIT_2. If I
wait for these states to vanish I am directed to the correct ip
address.
If I flush the states using "pfctl -F state" I see nothing under pfctl
-vss, but my machine is still directed to the old ip adderss that is
no longer in the table.
(this is 3.8 amd64)
Thanks,
- Ec
On 5/22/06, jared r r spiegel <[EMAIL PROTECTED]> wrote:
On Mon, May 22, 2006 at 03:25:20PM -0400, Eci Souji wrote:
> I'm currently using a table with pf redirects.
>
> rdr pass on X_if proto tcp from any to Y_ip port {80,443} -> <tableQ>
> round-robin sticky-address
>
> and it's working fine. The only issue is when I delete an entry from that
> table some connections still continue to try and hit that destination ip.
> Is there any way around this?
>
when you are seeing this undesired condition, does
'pfctl -vss' show any extant states which still have that
old/removed IP but still could match the incoming traffic?
--
jared
[ openbsd 3.9-current GENERIC ( may 1 ) // i386 ]
