Hello misc,
I've the follow situation:
WAN ------OBSD-------LAN
|
|__DMZ---- 192.168.1.0/24 ---Windows 2003 - RRAS --
10.20.30.x/27- VPN IP's CLIENT
Clients connect to RRAS server and pf, filter traffic from VPN clients to
LAN services.
The problem is: when vpn clients die, PF keep state of connections and I've
a storm of tcp packets with PSH flag or RST , and bandwidth traffic
increase incredibly.
when storm occurs, if executed : 'pfctl -k 10.20.30.7' , by example, storm
stop instantly.
I'm searching by incidentes, but i no founded nothing.
Someone would could show me a correct direction to solve this issue ?
Regards,
