From owner-freebsd-ipfw@FreeBSD.ORG Thu Jul 29 12:48:06 2010 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 20C0A106566B for ; Thu, 29 Jul 2010 12:48:06 +0000 (UTC) (envelope-from cosmic17@yandex.ru) Received: from forward15.mail.yandex.net (forward15.mail.yandex.net [95.108.130.119]) by mx1.freebsd.org (Postfix) with ESMTP id C6FD08FC0A for ; Thu, 29 Jul 2010 12:48:05 +0000 (UTC) Received: from web35.yandex.ru (web35.yandex.ru [213.180.223.11]) by forward15.mail.yandex.net (Yandex) with ESMTP id E78B844588D2 for ; Thu, 29 Jul 2010 16:48:03 +0400 (MSD) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1280407683; bh=imKaoC+WCoE+fWqR5oAnb6qTmRY8cDa+NwvEe22P+tE=; h=From:To:Subject:MIME-Version:Message-Id:Date: Content-Transfer-Encoding:Content-Type; b=di6KetCoXor2sZ+tW+wKEH0xNAMuI+OEWyS1BACXyYPrV/WVMDobp0Cc0MuBitgWn iFaVkA3v/rS5Fa018AAr1MUpA0C6V4+gVnRSMky/lLThZTu6lBH3XidcrSAbM/AlLf nNRYtztJ2lKoPZj2hwtQjteJX7TVbrGA+J+ckQUc= Received: from localhost (localhost.localdomain [127.0.0.1]) by web35.yandex.ru (Yandex) with ESMTP id E3C8628D008A for ; Thu, 29 Jul 2010 16:48:03 +0400 (MSD) X-Yandex-Spam: 1 X-Yandex-Front: web35.yandex.ru X-Yandex-TimeMark: 1280407683 Received: from 50.83.vltele.com (50.83.vltele.com [79.174.50.83]) by mail.yandex.ru with HTTP; Thu, 29 Jul 2010 16:48:02 +0400 From: Dmukha Nikolay To: freebsd-ipfw@freebsd.org MIME-Version: 1.0 Message-Id: <71291280407682@web35.yandex.ru> Date: Thu, 29 Jul 2010 16:48:02 +0400 X-Mailer: Yamail [ http://yandex.ru ] 5.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain Subject: ipfw3: Cannot allocate memory X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Jul 2010 12:48:06 -0000 Hello. There is some problem with ipfw3 from Luigi Rizzo. uname -a: FreeBSD test 8.0-STABLE-201005 FreeBSD 8.0-STABLE-201005 #0: Wed Jul 28 12:04:29 MSD 2010 root@test:/usr/src/sys/amd64/compile/MYKERNEL amd64 The rules in /etc/rc.firewall like: ... $IPFW pipe 11 config bw 1040Kbit/s mask dst-ip 0xffffffff $IPFW pipe 12 config bw 1040Kbit/s mask src-ip 0xffffffff ########pipe 11 $IPFW sched 11 config type QFQ mask dst-ip 0xffffff00 $IPFW queue 113 config sched 11 weight 4 $IPFW queue 114 config sched 11 weight 1 $IPFW add queue 113 ip from any to table\(10\) via igb0 out proto tcp src-port 5223, 2009, 2106, 3724, 6112, 6881-6999, 7777, 27000-27050, 42292 $IPFW add queue 113 ip from any to table\(10\) via igb0 out proto icmp $IPFW add queue 114 ip from any to table\(10\) via igb0 out $IPFW add queue 113 ip from any to table\(10\) via igb2 out proto tcp src-port 5223, 2009, 2106, 3724, 6112, 6881-6999, 7777, 27000-27050, 42292 $IPFW add queue 113 ip from any to table\(10\) via igb2 out proto icmp $IPFW add queue 114 ip from any to table\(10\) via igb2 out ########pipe 12 $IPFW sched 12 config type QFQ mask src-ip 0xffffff00 $IPFW queue 123 config sched 12 weight 4 $IPFW queue 124 config sched 12 weight 1 $$IPFW add queue 123 ip from table\(11\) to any via igb1 out proto tcp dst-port 5223, 2009, 2106, 3724, 6112, 6881-6999, 7777, 27000-27050, 42292 $IPFW add queue 123 ip from table\(11\) to any via igb1 out proto icmp $IPFW add queue 124 ip from table\(11\) to any via igb1 out $IPFW add queue 123 ip from table\(11\) to any via igb3 out proto tcp dst-port 5223, 2009, 2106, 3724, 6112, 6881-6999, 7777, 27000-27050, 42292 $IPFW add queue 123 ip from table\(11\) to any via igb3 out proto icmp $IPFW add queue 124 ip from table\(11\) to any via igb3 out ... Every morning script restart firewall at 6 o`clock. There was no any problems with it for a few months. But in the morning I saw messages below and firewall doesn`t work correctly: ... update_fs fs 111 for sch 11 not 20 still unlinked config_sched cannot allocate scheduler 65556 ipfw: setsockopt(IP_DUMMYNET_CONFIGURE): Cannot allocate memory .... And so on for all my schedulers and queues. I tried to restart ipfw by hand, but had no good results - the same messages. Firewall worked correctly after reboot the system. Do you know what is the problem with ipfw? Thanks.