From owner-freebsd-questions Tue Apr 9 14:18:21 2002 Delivered-To: freebsd-questions@freebsd.org Received: from cactus.fi.uba.ar (cactus.fi.uba.ar [157.92.49.108]) by hub.freebsd.org (Postfix) with ESMTP id 5308E37B417 for ; Tue, 9 Apr 2002 14:18:05 -0700 (PDT) Received: from cactus.fi.uba.ar (cactus.fi.uba.ar [157.92.49.108]) by cactus.fi.uba.ar (8.11.6/8.11.6) with ESMTP id g39LE0827890; Tue, 9 Apr 2002 18:14:00 -0300 (ART) (envelope-from fgleiser@cactus.fi.uba.ar) Date: Tue, 9 Apr 2002 18:14:00 -0300 (ART) From: Fernando Gleiser To: "Somphol B." Cc: Subject: Re: IPFILTER In-Reply-To: <011c01c1e00b$625b57a0$cc9a96cb@ple> Message-ID: <20020409180750.N5464-100000@cactus.fi.uba.ar> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Please wrap your lines at ~70 chars On Wed, 10 Apr 2002, Somphol B. wrote: > I am running FreeBSD 4.5-Release on a machine with 2 NICs. I have setup the > IPFILTER (to protect the host) with the following rules. It is fine for > a few hours or sometimes a few days, then my machine was misteriously frozen. > I could ping, but couldn't ssh to the host. Logging in to the host, I > couldn't even do nslookup. BTW, when the machine froze, the log does show > that packets were blocked heavily. > > Am I missing something obvious here? Two wild guesses: 1. Your state table is filling up. Whats the output of "ipfstat -s" when the machine freezes? 2. if you are logging everything you block, maybe ipmon is eating all your cpu or the machine is busy doing heavy I/O. try ps, top, vmstat and friends to find out if that is the case. Fer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message