From owner-freebsd-net@FreeBSD.ORG Thu Sep 6 08:42:15 2007 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 09C8416A420 for ; Thu, 6 Sep 2007 08:42:15 +0000 (UTC) (envelope-from tom@tomjudge.com) Received: from smtp809.mail.ird.yahoo.com (smtp809.mail.ird.yahoo.com [217.146.188.69]) by mx1.freebsd.org (Postfix) with SMTP id 4738F13C457 for ; Thu, 6 Sep 2007 08:42:14 +0000 (UTC) (envelope-from tom@tomjudge.com) Received: (qmail 32383 invoked from network); 6 Sep 2007 08:15:33 -0000 Received: from unknown (HELO ?192.168.1.2?) (thomasjudge@btinternet.com@217.44.142.35 with plain) by smtp809.mail.ird.yahoo.com with SMTP; 6 Sep 2007 08:15:32 -0000 X-YMail-OSG: yamd3I8VM1njmsT1sM2QJDTczMap36zCCc.57OIiU59XqYigzQopCfbVE8j3zleTnf8- Message-ID: <46DFC595.7050803@tomjudge.com> Date: Thu, 06 Sep 2007 10:17:09 +0100 From: Tom Judge User-Agent: Thunderbird 1.5.0.12 (X11/20070604) MIME-Version: 1.0 To: Gloomy Group References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Interface Status changes to UP and Down X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Sep 2007 08:42:15 -0000 Gloomy Group wrote: > Hi all, > > I am running Freebsd 6.2 as Transparent proxy Server. My hardware is Intel(R) Pentium(R) 4 CPU 3.00GHz, 1GB DDR2 Memory and 2 SATA hardisk. While checking dmesg it shows link state change to up and Down and sometimes the server crashes. > > ipfw: pullup failed > ipfw: pullup failed > ipfw: pullup failed > ipfw: pullup failed > ipfw: pullup failed > ipfw: pullup failed > fxp0: link state changed to DOWN > fxp0: link state changed to UP > fxp0: link state changed to DOWN > fxp0: link state changed to UP > fxp0: link state changed to DOWN > fxp0: link state changed to UP > fxp0: link state changed to DOWN > fxp0: link state changed to UP > fxp0: link state changed to DOWN > fxp0: link state changed to UP > fxp0: link state changed to DOWN > > > Is this due to misconfigured firewall rules or some special tuning need in kernel variables; Below is my IPFW rules: This is most likely to be being caused by a cable or hardware problem (NIC or switch). The firewall can't affect the link state of the NIC. Tom > > 00100 allow ip from any to any via lo0 > 00101 check-state > 00102 deny icmp from any to any in icmptypes 5,9,13,14,15,16,17 > 00200 allow icmp from 202.xx.xx.0/24 to me in > 00201 allow icmp from 202.xx.xx.0/24 to me in > 00300 allow tcp from me to any out keep-state > 00301 allow udp from me to any dst-port 53 keep-state > 00302 allow ip from me to any out keep-state > 00303 allow tcp from any 80,443 to me in keep-state > 00304 allow tcp from any 80,443 to any out keep-state > 00400 allow tcp from 202.79.xx.0/24 to me dst-port 2001 keep-state > 00500 allow udp from 202.79.xx.xx 3130 to me dst-port 3130 keep-state > 00501 allow tcp from 202.79.xx.xx 3128 to me in > 00600 allow udp from 202.79.xx.xx to me dst-port 161 keep-state > 00601 allow udp from 202.79.xx.xx to me dst-port 3401 keep-state > 03000 allow tcp from 202.79.xx.0/24 to me dst-port 3128 > 03001 allow tcp from 202.79.xx.0/24 to me dst-port 3128 > 03002 fwd 127.0.0.1,3128 tcp from 202.79.xx.0/24 to any dst-port 80 keep-state > 03003 fwd 127.0.0.1,3128 tcp from 202.79.xx.0/24 to any dst-port 80 keep-state > 65534 deny log logamount 200 ip from any to any >