Re: ipfstat not clearing the state table

IPfilter

Re: ipfstat not clearing the state table - a similar problem?

To:	"Darren Reed" <avalon@caligula.anu.edu.au>, ipfilter@coombs.anu.edu.au
Subject:	Re: ipfstat not clearing the state table - a similar problem?
From:	"Corey Johnston" <coreyj@gmail.com>
Date:	Tue, 19 Dec 2006 15:23:49 +1100
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	ipfilter-list@securepoint.com
Domainkey-signature:	a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=W2MPRCk9fci/q6BqfHExbuJeeAFMHcmfFqYyNESrLtgyvZooaebmorSB+lDzkpk1cSZXiKZ7s86LukdTiyIMMWkIBdPxofaD0414zGwpLf7w1wYaoh3byhGRAzadVzcCY50+wS64dhOCMmW5A0ycSpeMzVBuF5XLSSlRYPUUH7U=
In-reply-to:	<200612190213.kBJ2Dq95014773@caligula.anu.edu.au>
References:	<e2e114e10612180351p8246bd8y28eef171e5aa8977@mail.gmail.com> <200612190213.kBJ2Dq95014773@caligula.anu.edu.au>
Sender:	owner-ipfilter@coombs.anu.edu.au

You little ripper..! It seems to work like a charm (so far).

Very good stuff - thank you.

States are being created, acknowledged as active, and then promptly disappearing from the active count.

No mention of any orphan states in ipfstat -dsl

Plus, ipf -FS -Fs works and actually clears the states, as in version 3.

Only other problem I'm trying to sort - which probably isn't related - is why internet-bound traffic is slow out this firewall..

But I suspect that might be more to do with Solaris TCP tuning than IPFilter.

I'll let you know if I notice anything else odd.

It's pretty easy to compare because I've got the same ruleset (excluding interface names) on NetBSD/IPF3.4 and Solaris10/IPF4.1.15.

Possibly when the dust settles this could be released as an official bugfix for the vanilla IPFilter (4.0.2) on Solaris 10?

thanks for your hard work Darren

Corey.

<Prev in Thread]	Current Thread	[Next in Thread>
Re: ipfstat not clearing the state table - a similar problem?, (continued) Re: ipfstat not clearing the state table - a similar problem?, Simon A. Boggis Re: ipfstat not clearing the state table - a similar problem?, Simon A. Boggis Re: ipfstat not clearing the state table - a similar problem?, Corey Johnston Re: ipfstat not clearing the state table - a similar problem?, Darren Reed Re: ipfstat not clearing the state table - a similar problem?, Corey Johnston Re: ipfstat not clearing the state table - a similar problem?, Simon A. Boggis Re: ipfstat not clearing the state table - a similar problem?, Darren Reed Re: ipfstat not clearing the state table - a similar problem?, Simon A. Boggis Message not available Re: ipfstat not clearing the state table - a similar problem?, Corey Johnston Message not available Re: ipfstat not clearing the state table - a similar problem?, Corey Johnston Message not available Re: ipfstat not clearing the state table - a similar problem?, Corey Johnston <=

Previous by Date:	Re: ipfstat not clearing the state table - a similar problem?, Corey Johnston
Next by Date:	IPFilter 4.1.16, Darren Reed
Previous by Thread:	Re: ipfstat not clearing the state table - a similar problem?, Corey Johnston
Next by Thread:	Re: IP Filter and IPMP on Solaris 10 (ipf 3.0.4, pfil 2.1.4), Darren Reed
Indexes:	[Date] [Thread] [Top] [All Lists]