Problem with consistent disconnection of IRC sessions

I am running a basic freebsd 7.0 pf router/firewall for my
home computer. On
this same machine I am usually running an IRC (tcp 6667)
session.

It seems as though every 30 minutes to every several hours,
my IRC session
disconnects and reconnects itself.

I'm passing in/out tcp 6667 w/ FLAGS S/SA keep state. I'm
scrub in all +
scrub out all , and basically it's a standard setup.

I'm wondering if anyone can help me more. I have my PF rules
if more
information is needed but hopefully someone has a suggestion
without
requiring that. 


Thank you,


Kevin K.



_______________________________________________
freebsd-pffreebsd.org mailing list

http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to
"freebsd-pf-unsubscribefreebsd.org"

On Thu, 2008-04-24 at 15:43 -0400, Kevin K wrote:
> I am running a basic freebsd 7.0 pf router/firewall for
my home computer. On
> this same machine I am usually running an IRC (tcp
6667) session.
> 
> It seems as though every 30 minutes to every several
hours, my IRC session
> disconnects and reconnects itself.
> 
> I'm passing in/out tcp 6667 w/ FLAGS S/SA keep state.
I'm scrub in all +
> scrub out all , and basically it's a standard setup.
> 
> I'm wondering if anyone can help me more. I have my PF
rules if more
> information is needed but hopefully someone has a
suggestion without
> requiring that. 
> 
> 

Do you have pftop installed? If so when the disconnects
occur do you see
a new session / new state being created along side the old
one? 

Just want to be sure that it is a disconnect at your pf
firewall and not
at either the client / server. Since I know first hand that
you have a
pretty good handle on your rule set it may not be your pf
setup. 

Cheers,
~e

_______________________________________________
freebsd-pffreebsd.org mailing list

http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to
"freebsd-pf-unsubscribefreebsd.org"

On Thu, Apr 24, 2008 at 03:43:43PM -0400, Kevin K wrote:
> I am running a basic freebsd 7.0 pf router/firewall for
my home computer. On
> this same machine I am usually running an IRC (tcp
6667) session.
> 
> It seems as though every 30 minutes to every several
hours, my IRC session
> disconnects and reconnects itself.

There's a pretty good chance if it's a server on a popular
network
(EFnet, DALnet, etc.), it may be under DoS, or may have
incorrect
filtering rules applied to it.  If you're absolutely sure
your rules are
OK, then it's probably not you.

The reason I say this:

IRC's protocol involves a PING check which the server sends
to the
client every few minutes (usually; the server admin can set
it to any
value he/she likes, but most people pick 5 minutes), and the
client is
required to respond to that PING.  This is more or less a
poor-man's TCP
keepalive.  This PING is not ICMP echo/echo-reply -- it's
literally part
of the IRC protocol.

The regularity of people on public IRC networks pinging
out/timing out
is immense.  I sit in #bsdports and see this happen to
people hundreds
of times a day.

The issue may also be related to Internet peering, which you
have
absolutely no control over.  Backbone providers break the
Internet on a
nightly basis (this is not an exaggeration), and IRC is one
of the most
"real-time" environments there is, so people
notice.

-- 
| Jeremy Chadwick                                jdc at
parodius.com |
| Parodius Networking                       http://www.parodius.com/
|
| UNIX Systems Administrator                  Mountain View,
CA, USA |
| Making life hard for others since 1977.              PGP:
4BD6C0CB |

_______________________________________________
freebsd-pffreebsd.org mailing list

http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to
"freebsd-pf-unsubscribefreebsd.org"