From owner-freebsd-pf@FreeBSD.ORG Wed Mar 17 08:38:05 2010 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E5CF41065672; Wed, 17 Mar 2010 08:38:05 +0000 (UTC) (envelope-from dhartmei@insomnia.benzedrine.cx) Received: from insomnia.benzedrine.cx (106-30.3-213.fix.bluewin.ch [213.3.30.106]) by mx1.freebsd.org (Postfix) with ESMTP id E7A0A8FC19; Wed, 17 Mar 2010 08:38:04 +0000 (UTC) Received: from insomnia.benzedrine.cx (localhost.benzedrine.cx [127.0.0.1]) by insomnia.benzedrine.cx (8.14.1/8.13.4) with ESMTP id o2H8CvQU006780 (version=TLSv1/SSLv3 cipher=DHE-DSS-AES256-SHA bits=256 verify=NO); Wed, 17 Mar 2010 09:12:57 +0100 (MET) Received: (from dhartmei@localhost) by insomnia.benzedrine.cx (8.14.1/8.12.10/Submit) id o2H8CuXu015017; Wed, 17 Mar 2010 09:12:56 +0100 (MET) Date: Wed, 17 Mar 2010 09:12:56 +0100 From: Daniel Hartmeier To: kevin Message-ID: <20100317081256.GA21633@insomnia.benzedrine.cx> References: <4B8E4850.1060104@zirakzigil.org> <4B9EA5A2.4010900@zirakzigil.org> <00bc01cac53d$a92f0b70$fb8d2250$@com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <00bc01cac53d$a92f0b70$fb8d2250$@com> User-Agent: Mutt/1.5.12-2006-07-14 Cc: freebsd-net@freebsd.org, freebsd-pf@freebsd.org Subject: Re: PF + BRIDGE + PFSYNC causes system freezing X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Mar 2010 08:38:06 -0000 On Tue, Mar 16, 2010 at 03:19:51PM -0400, kevin wrote: > I would like to assist in diagnosing this issue so if anyone wants me to > check anything or test, please let me know. I would really like to > understand this problem. What are your settings for $ sysctl -a | grep bridge.pfil Have you tried filtering only on one of the physical bridge interfaces, with net.link.bridge.pfil_bridge=0 and set skip on { lo0, bridge0, em1 }? Daniel