[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-pf
Subject:    Re: pf weirdness on Soekris running OpenBSD 3.5
From:       J Moore <jaymo () cullmail ! com>
Date:       2004-07-15 3:31:03
Message-ID: 20040715033103.GA15409 () kingcull ! cullmail ! com
[Download RAW message or body]

On Wed, Jul 14, 2004 at 10:06:11AM -0500, the unit calling itself J Moore wrote:
> On Wed, Jul 14, 2004 at 11:44:47AM +0200, the unit calling itself John Graat wrote:
> 
> > this morning one of our Soekris-net4801 boxes running OpenBSD 3.5
> > stopped routing packets to/from the Internet. Packets were still coming
> > in. Some were still dropped according to the pf-rules. Those that were
> > allowed to pass, appeared in pftop but none of the states in pftop ever
> > reached established. It dit not make any difference if the connection
> > was initiated from outside or inside. So it looked like packets
> > received on one interface were never transmitted on the other
> > interface.
> > 
> > I was able to login using ssh from our internal network and found
> > nothing special in the logs. Unfortunately I did not have much time to
> > investigate this as users started to complain... so I rebooted the
> > Soekris and everything runs fine just now.
> > 
> > Anybody any idea where to look or what to do about this? Anyone seen
> > this before?
> 
> Coincidentally, my Soekris-net4801 firewall running OpenBSD 3.5 also 
> "froze" early this morning. It required a manual reset to get it going 
> again. I haven't had time to look at any of the logs yet - I'll post 
> something here if I learn anything.

Nothing in my logfiles to indicate even a hint of trouble... it just 
stopped passing network traffic. Like John's system, it worked fine 
again after re-boot. Yuck!

Jay
[prev in list] [next in list] [prev in thread] [next in thread]