Date: Tue, 9 Apr 2002 18:14:00 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: "Somphol B." <somphol@gits.net.th> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: IPFILTER Message-ID: <20020409180750.N5464-100000@cactus.fi.uba.ar> In-Reply-To: <011c01c1e00b$625b57a0$cc9a96cb@ple>
next in thread | previous in thread | raw e-mail | index | archive | help
Please wrap your lines at ~70 chars On Wed, 10 Apr 2002, Somphol B. wrote: > I am running FreeBSD 4.5-Release on a machine with 2 NICs. I have setup the > IPFILTER (to protect the host) with the following rules. It is fine for > a few hours or sometimes a few days, then my machine was misteriously frozen. > I could ping, but couldn't ssh to the host. Logging in to the host, I > couldn't even do nslookup. BTW, when the machine froze, the log does show > that packets were blocked heavily. > > Am I missing something obvious here? Two wild guesses: 1. Your state table is filling up. Whats the output of "ipfstat -s" when the machine freezes? 2. if you are logging everything you block, maybe ipmon is eating all your cpu or the machine is busy doing heavy I/O. try ps, top, vmstat and friends to find out if that is the case. Fer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020409180750.N5464-100000>