IPFW2 may cause incoming connections to hang

[Andrey A. Chernov]

I notice reproductible effect on my recent -current remote machine, after
5-7 hours of normal work, I can't connect to this machine via
ssh,telnet,pop3 or ftp, but smtp and http continue to work normally.

When I turn ipfw2 off, this effect is gone. It was never happened for old
ipfw with the same settings.

I have simple open firewall type with one deny rule for specific tcp
port. Since this is remote machine, I can't login and see what actually
happens during this effect. I also notice that if current connection stays
across beginning of effect, it continue to work, but new ones hangs.

-- 
Andrey A. Chernov
http://ache.pp.ru/

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message

Re: IPFW2 may cause incoming connections to hang

[Luigi Rizzo]

On Thu, Aug 01, 2002 at 12:11:05PM +0400, Andrey A. Chernov wrote:
 I notice reproductible effect on my recent -current remote machine, after
 5-7 hours of normal work, I can't connect to this machine via
 ssh,telnet,pop3 or ftp, but smtp and http continue to work normally.
 
 When I turn ipfw2 off, this effect is gone. It was never happened for old
 ipfw with the same settings.
 
 I have simple open firewall type with one deny rule for specific tcp
 port. Since this is remote machine, I can't login and see what actually
 happens during this effect. I also notice that if current connection stays
 across beginning of effect, it continue to work, but new ones hangs.

could you send me your exact ruleset ? Also, does this happen
at specific times (e.g. after some cron task) or not ?

cheers
luigi

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message