[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: remote vi editing pf.conf - goes offline

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: remote vi editing pf.conf - goes offline
From: mdff_(_at_)_a1_(_dot_)_net
Date: Fri, 19 Nov 2004 19:47:19 +0100
Reply-to: mdff_(_at_)_a1_(_dot_)_net

probably not correct, but i'll give it a try:

if you use the term "keep state" in your configs an tell the packet filter to re-read the configs or restart, you'll be disconnected because the pf "forgets" about the stateful connections and you'll not send any SYNs again, so your connection will be assumed not valid for the box. also the same with nat entries that have timeouts set could happen under some circumstances...

br, mdff...


cswiger wrote:
--------------

Hi - My OpenBSD nat gateway is running great, really like it.

Just curious about this behavior: I log in remotely from work
(box is home) and start editing pf.conf with vi

#vi /etc/pf.conf

and in a few minutes I get rudely disconnected. Didn't even /save/
the edited file. Go home and reset everything, comment out new
rules (which were broken). Back at work I log in, open /etc/pf.conf
in vi and shortly same thing happens. Didn't even /change/ anything.

Basically, WTF??????   Why does just opening pf.conf knock the
system offline? It's OpenBSD 3.4.

TIA

--Chuck

Prev by Date: Re: New unofficial document - oamp.pdf
Next by Date: Re: 70% of packet loss with em(4) and ti(4) due to interrupts
Previous by thread: Re: remote vi editing pf.conf - goes offline
Next by thread: pppd: Serial line is looped back
Index(es):
- Date
- Thread

Visit your host, monkey.org