[rescue] IPFILTER woes
Patrick Giagnocavo
patrick at zill.net
Mon Feb 18 19:45:13 CST 2002
On Mon, Feb 18, 2002 at 05:39:09PM -0500, Brian Hechinger wrote:
> ok, so here's what happens. the machine locks dead. no panic, just stopped.
> i can break to the rom and reboot the machine. it happens at seemingly random
> intervals. i saw the posts about ipmon hanging solaris, but i have tried it
> with ipmon running and without ipmon running. hangs both ways.
The same thing will happen under OpenBSD if you haven't reserved
enough space in the kernel for certain buffers. Even if running pf
instead of ipf.
BSD and Solaris are different the way night and day are different, but
the same thing might be happening - since IPFilter does more with the
packets, it needs more space in the kernel.
Try using ndd to mess around with some of the TCP/IP settings.
You might find a search on google or the BigAdmin site helpful.
You probably already know about this:
http://www.sun.com/blueprints/tools/nddconfig
Are you keeping state on the firewall or not?
./patrick
More information about the rescue
mailing list