[ previous ] [ next ] [ threads ]
 
 From:  Pascal Gaudette <pascal underscore gaudette at yahoo dot ca>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Why am I blocking legitimate packets?
 Date:  Sun, 23 Apr 2006 13:50:57 -0400 (EDT)
Hi all,

Over the last few days, I've been getting very erratic
performance from my Internet connection.  I thought it
was my provider, but last night I had a look at my
m0n0 logs, and found that it seems to be blocking
legitimate packets like this one:

13:12:25.258772 xl0 @0:22 b 10.0.1.101,59002 ->
62.2.215.148,80 PR tcp len 20 40 -AF IN

It doesn't do this systematically.  I can still get
the Web pages by hitting reload a couple of times (or
waiting for a while) when it happens. Now, I only have
a single rule on my LAN interface that allows anything
from the LAN net itself (10.0.1.0/24) to be passed
out, so I don't see why these packets should get
blocked.

I upgraded from 1.21 to 1.22 in an effort to fix this
this morning, but it still seems to be happening.  I
also see inbound packets blocked that seem to be
responses to outbound requests, like this one (while I
was waiting on www.airmetic-soya.com to load) :

13:35:25.764162 ng0 @0:22 b 66.48.100.22,80 ->
10.0.1.101,46257 PR tcp len 20 40 -A IN

Everything was working fine before and I'm not sure
what changed to make this happen.  I did enable a 2nd
interface on my FW, but that was a few weeks ago, and
it only started behaving erratically a few days ago.

Anyone have any clues that might help me troubleshoot
this?  Any help would be much appreciated.


--
Pascal Gaudette <pascal underscore gaudette at yahoo dot ca>

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com