[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-bugs
Subject:    system/5797: relayd should remove pf states
From:       bsd () openbsd ! rutgers ! edu
Date:       2008-04-21 16:18:42
Message-ID: 20080421161842.A060EDE43 () openbsd ! rutgers ! edu
[Download RAW message or body]

>Number:         5797
>Category:       system
>Synopsis:       relayd does not kill states when sticky-address is set
>Confidential:   yes
>Severity:       serious
>Priority:       medium
>Responsible:    bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Apr 21 16:30:01 GMT 2008
>Closed-Date:
>Last-Modified:
>Originator:     
>Release:        4.3-current
>Organization:
net
>Environment:
	System      : OpenBSD 4.3
	Details     : OpenBSD 4.3-current

	Architecture: OpenBSD.amd64
	Machine     : amd64
>Description:
	relayd does not remove existing states when "sticky-address" is used,
	causing many clients to hang until the pf state expires.
>How-To-Repeat:
	Put "sticky-address" in a redirection, connect with some clients, and 
	take down one of the servers in the table.  The ones that had connections
	to the now-downed server will not recover until the pf state times out.
>Fix:
	workaround: pfctl -k / pfctl -K
	relayd should remove the states of the hosts it removes from the table.


>Release-Note:
>Audit-Trail:
>Unformatted:

[prev in list] [next in list] [prev in thread] [next in thread]