On 07/03/11 06:27, eculp wrote: > Something is strange with PF. I get the above error using pf on > current but not on FreeBSD stable. The pf configuration hasn't > changed for a couple of years on either and they are the same except > for hardware names. > > The two machines are: > 9.0-CURRENT FreeBSD 9.0-CURRENT #247: Wed Jun 29 04:49:16 CDT 2011 > 7.4-STABLE FreeBSD 7.4-STABLE #1228: Sat Jun 25 04:42:55 CDT 2011 > > Anyone else seeing this? > > Thanks, > > ed > _______________________________________________ > I am also seeing this, especially when a website/browser/tab is closed but the remote site is still sending data I think. I am using the same basic pf.conf I have used for client machines for a while, but there is not much other than pf options and allowing traffic out (modulate state for tcp, keep state for everything else). I do have scrub, and antispoof rules for the interfaces, as well as a block log all at the top. For now, like i said, I've only seen the state key mismatches with web traffic. Also, synproxy state seems to hang all traffic. MattReceived on Sun Jul 03 2011 - 16:10:54 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:15 UTC