Results 1 to 2 of 2
  1. #1
    Join Date
    Jun 2002
    Posts
    1,376

    OpenBSD pf: Long-term connection?

    I recently deployed an OpenBSD machine using pf to be a router/firewall for my home LAN, using NAT and sitting between our cable modem and our switch. It seems to work great.

    But I just noticed an 'active' connection to a website... It's been open for 19 hours. 12KB of traffic has flowed over the connection, and the machine on the local end that initiated the connection is a laptop that's been offline for hours.

    My question is twofold:
    - Why hasn't this been dropped, after hours of inactivity?
    - Short of restarting everything, is there a way to instruct PF to drop the connection / lose state information on it?

  2. #2
    Join Date
    Jun 2002
    Posts
    1,376
    For the benefit of others, "pfctl -F states" will flush all the states. This really isn't what I was looking to do, but it did accomplish the end goal, just taking out all the other states too.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •