From owner-freebsd-net@FreeBSD.ORG Thu Sep 6 03:10:49 2007 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3C35A16A417 for ; Thu, 6 Sep 2007 03:10:49 +0000 (UTC) (envelope-from gloomygroup@hotmail.com) Received: from bay0-omc1-s22.bay0.hotmail.com (bay0-omc1-s22.bay0.hotmail.com [65.54.246.94]) by mx1.freebsd.org (Postfix) with ESMTP id 2B7CB13C45D for ; Thu, 6 Sep 2007 03:10:49 +0000 (UTC) (envelope-from gloomygroup@hotmail.com) Received: from BAY131-W17 ([65.55.136.52]) by bay0-omc1-s22.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959); Wed, 5 Sep 2007 19:57:43 -0700 Message-ID: X-Originating-IP: [202.79.53.71] From: Gloomy Group To: Date: Thu, 6 Sep 2007 02:57:42 +0000 Importance: Normal MIME-Version: 1.0 X-OriginalArrivalTime: 06 Sep 2007 02:57:43.0276 (UTC) FILETIME=[B1F0CAC0:01C7F031] Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Interface Status changes to UP and Down X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Sep 2007 03:10:49 -0000 Hi all, I am running Freebsd 6.2 as Transparent proxy Server. My hardware is Int= el(R) Pentium(R) 4 CPU 3.00GHz, 1GB DDR2 Memory and 2 SATA hardisk. While c= hecking dmesg it shows link state change to up and Down and sometimes the s= erver crashes. ipfw: pullup failed ipfw: pullup failed ipfw: pullup failed ipfw: pullup failed ipfw: pullup failed ipfw: pullup failed fxp0: link state changed to DOWN fxp0: link state changed to UP fxp0: link state changed to DOWN fxp0: link state changed to UP fxp0: link state changed to DOWN fxp0: link state changed to UP fxp0: link state changed to DOWN fxp0: link state changed to UP fxp0: link state changed to DOWN fxp0: link state changed to UP fxp0: link state changed to DOWN Is this due to misconfigured firewall rules or some special tuning= need in kernel variables; Below is my IPFW rules: 00100 allow ip from any to any via lo0 00101 check-state 00102 deny icmp from any to any in icmptypes 5,9,13,14,15,16,17 00200 allow icmp from 202.xx.xx.0/24 to me in 00201 allow icmp from 202.xx.xx.0/24 to me in 00300 allow tcp from me to any out keep-state 00301 allow udp from me to any dst-port 53 keep-state 00302 allow ip from me to any out keep-state 00303 allow tcp from any 80,443 to me in keep-state 00304 allow tcp from any 80,443 to any out keep-state 00400 allow tcp from 202.79.xx.0/24 to me dst-port 2001 keep-state 00500 allow udp from 202.79.xx.xx 3130 to me dst-port 3130 keep-state 00501 allow tcp from 202.79.xx.xx 3128 to me in 00600 allow udp from 202.79.xx.xx to me dst-port 161 keep-state 00601 allow udp from 202.79.xx.xx to me dst-port 3401 keep-state 03000 allow tcp from 202.79.xx.0/24 to me dst-port 3128 03001 allow tcp from 202.79.xx.0/24 to me dst-port 3128 03002 fwd 127.0.0.1,3128 tcp from 202.79.xx.0/24 to any dst-port 80 keep-st= ate 03003 fwd 127.0.0.1,3128 tcp from 202.79.xx.0/24 to any dst-port 80 keep-st= ate 65534 deny log logamount 200 ip from any to any =20 _________________________________________________________________ Invite your mail contacts to join your friends list with Windows Live Space= s. It's easy! http://spaces.live.com/spacesapi.aspx?wx_action=3Dcreate&wx_url=3D/friends.= aspx&mkt=3Den-us=