So basically the nfs client is trying to establish a connection on using the same information in my firewall (checkpoints state table) ie. the same src address src port dst addr dstr port so the firewall immedietly flags the packet as invalid and drops it, at this point Apache is stuck waiting for a reponse and cannot be interrupted, mount is owned by init so the only way to recover is to reboot, on the host side I notice the following state on my server syn_sent and it pretty much stays in this state forever. When looking at the firewall logs I see tons of dropped packets, i'm not sure if checkpoint is doing some kind of anti synflood detection or its just dropping the packets because they are fragmented or something of that nature if anyone can give me an insight I would be really apreciate it.
This is NFS v3 over TCP and the nfs client is linux 2.4