Date: Thu, 06 Sep 2007 10:17:09 +0100 From: Tom Judge <tom@tomjudge.com> To: Gloomy Group <gloomygroup@hotmail.com> Cc: freebsd-net@freebsd.org Subject: Re: Interface Status changes to UP and Down Message-ID: <46DFC595.7050803@tomjudge.com> In-Reply-To: <BAY131-W17445397811F3DD21C974FAFC40@phx.gbl> References: <BAY131-W17445397811F3DD21C974FAFC40@phx.gbl>
next in thread | previous in thread | raw e-mail | index | archive | help
Gloomy Group wrote: > Hi all, > > I am running Freebsd 6.2 as Transparent proxy Server. My hardware is Intel(R) Pentium(R) 4 CPU 3.00GHz, 1GB DDR2 Memory and 2 SATA hardisk. While checking dmesg it shows link state change to up and Down and sometimes the server crashes. > > ipfw: pullup failed > ipfw: pullup failed > ipfw: pullup failed > ipfw: pullup failed > ipfw: pullup failed > ipfw: pullup failed > fxp0: link state changed to DOWN > fxp0: link state changed to UP > fxp0: link state changed to DOWN > fxp0: link state changed to UP > fxp0: link state changed to DOWN > fxp0: link state changed to UP > fxp0: link state changed to DOWN > fxp0: link state changed to UP > fxp0: link state changed to DOWN > fxp0: link state changed to UP > fxp0: link state changed to DOWN > > > Is this due to misconfigured firewall rules or some special tuning need in kernel variables; Below is my IPFW rules: This is most likely to be being caused by a cable or hardware problem (NIC or switch). The firewall can't affect the link state of the NIC. Tom > > 00100 allow ip from any to any via lo0 > 00101 check-state > 00102 deny icmp from any to any in icmptypes 5,9,13,14,15,16,17 > 00200 allow icmp from 202.xx.xx.0/24 to me in > 00201 allow icmp from 202.xx.xx.0/24 to me in > 00300 allow tcp from me to any out keep-state > 00301 allow udp from me to any dst-port 53 keep-state > 00302 allow ip from me to any out keep-state > 00303 allow tcp from any 80,443 to me in keep-state > 00304 allow tcp from any 80,443 to any out keep-state > 00400 allow tcp from 202.79.xx.0/24 to me dst-port 2001 keep-state > 00500 allow udp from 202.79.xx.xx 3130 to me dst-port 3130 keep-state > 00501 allow tcp from 202.79.xx.xx 3128 to me in > 00600 allow udp from 202.79.xx.xx to me dst-port 161 keep-state > 00601 allow udp from 202.79.xx.xx to me dst-port 3401 keep-state > 03000 allow tcp from 202.79.xx.0/24 to me dst-port 3128 > 03001 allow tcp from 202.79.xx.0/24 to me dst-port 3128 > 03002 fwd 127.0.0.1,3128 tcp from 202.79.xx.0/24 to any dst-port 80 keep-state > 03003 fwd 127.0.0.1,3128 tcp from 202.79.xx.0/24 to any dst-port 80 keep-state > 65534 deny log logamount 200 ip from any to any >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46DFC595.7050803>