Date: Wed, 13 Oct 2010 01:17:58 -0700 From: Jeremy Chadwick <freebsd@jdc.parodius.com> To: Marcin <nickson@interia.pl> Cc: freebsd-stable@freebsd.org Subject: Re: Problem with security log Message-ID: <20101013081758.GA52870@icarus.home.lan> In-Reply-To: <AANLkTimy6anK4VGnUzhw=YyiNrKjki-H8qruvh4Dfq%2BT@mail.gmail.com> References: <AANLkTimy6anK4VGnUzhw=YyiNrKjki-H8qruvh4Dfq%2BT@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Oct 12, 2010 at 10:50:28PM +0200, Marcin wrote: > Hi folks, > > For some time in the file / var / log / security appear illegible entries: > kernel: ipfw: 200 Deny UDiPp f1w9:2 .168.10.5:5230503 D22e4n.y0 > .U0D.P25 1:15923.5136 o8.u10t. 5va5 3r5e03 224.0.0.251:5353 in via re0 > > How to get rid of it? Please help... There isn't a 100% reliable way to get rid of this problem. I've been harping about this for years (sorry to sound like a jerk, but this really is a major problem that keeps coming up and annoys users/admins to no end. There are solutions -- Linux solved it by implementing a lockless circular ring buffer[1] used by kmsg). The """workaround""" -- which again, does not solve the problem, only decreases the regularity of it happening (and when it does happen, can sometimes decrease how much interspersed output there is) -- is to add the following line to your kernel config and rebuild/reinstall your kernel: options PRINTF_BUFR_SIZE=128 # Prevent printf output being interspersed. This option became part of the GENERIC kernel configuration file at the following times: http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/amd64/conf/GENERIC#rev1.529 http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/i386/conf/GENERIC#rev1.517 Depending on what release/tag you follow, you may or may not find the above commit/change in your GENERIC file. I can't be bothered to track down what time the CVS tagging was done, for multiple architectures, etc... [1]: http://www.mjmwired.net/kernel/Documentation/trace/ring-buffer-design.txt -- | Jeremy Chadwick jdc@parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20101013081758.GA52870>