Hello,

Apologies if incorrect place to post (netbsd-help?).

I have sshd running on

NetBSD GATEWAY 2.0 NetBSD 2.0 (RALTQ) #0: Sun Feb  6 22:27:10 GMT 2005
 amadeus@GATEWAY:/usr/src/sys/arch/i386/compile/RALTQ i386

with ipf rule

pass in quick on rtk0 proto tcp from any to rtk0/32 port =3D 22 flags S
keep state keep frags

Every once in a while, in a way which I can't reproduce my ssh
sessions lock-up and I am then disconnected. I cannot reconnect via
sshd. However httpd continues to function "normally".

If I nmap the machine remotely it shows the sshd port as "filtered"
ie. the sshd is not responding. Normally it is "open". httpd is open
at all times.

I changed LogLevel DEBUG in sshd_config and the following corresponds
in authlog:

Jul  9 22:12:06 GATEWAY sshd[27212]: Read error from remote host
my.ip.address: Connection timed out

Otherwise there are no entries in /var/log/messages or /var/authlog.

The pid remains the same before and after this happens, so sshd is not
restarted.

ssh comes alive again after ~5/10 minutes.

Does anyone know why this would happen?=20

Or better still: how can I debug more?

I have a default-block-all on the machine, but ipmon doesn't show any
blocked packets when I regain access and check.

Any ideas would be appreciated.

This didn't always seem to happen...

Amadeus