From owner-freebsd-pf@FreeBSD.ORG Wed Feb 9 10:25:17 2005 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F204516A4CE for ; Wed, 9 Feb 2005 10:25:17 +0000 (GMT) Received: from top.topocentras.lt (top.topocentras.lt [213.197.161.70]) by mx1.FreeBSD.org (Postfix) with SMTP id 7600443D1D for ; Wed, 9 Feb 2005 10:25:16 +0000 (GMT) (envelope-from news@topocentras.lt) Received: (qmail 26962 invoked by uid 1013); 9 Feb 2005 10:00:34 -0000 Received: from news@topocentras.lt by top by uid 64011 with qmail-scanner-1.22 (clamdscan: 0.71. Clear:RC:1(213.197.161.67):. Processed in 0.40861 secs); 09 Feb 2005 10:00:34 -0000 X-Qmail-Scanner-Mail-From: news@topocentras.lt via top X-Qmail-Scanner: 1.22 (Clear:RC:1(213.197.161.67):. Processed in 0.40861 secs) Received: from unknown (HELO ?192.168.0.84?) (213.197.161.67) by top.topocentras.lt with SMTP; 9 Feb 2005 10:00:33 -0000 Message-ID: <4209E50E.2010603@topocentras.lt> Date: Wed, 09 Feb 2005 12:25:18 +0200 From: Albertas Guscius User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-pf@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: squid with pf problem X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical discussion and general questions about packet filter (pf) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Feb 2005 10:25:18 -0000 Hello, I have problem running squid and packet filter. After certain moment it hangs machine. I tried three different types of hardware, so I think it is problem with software. Squid is compiled with pf support. Rule in pf: rdr on $int_if proto tcp from any to any port http -> 127.0.0.1 port 3128 I'm using xl() NIC's. FreeBSD xxx 5.3-RELEASE-p5 FreeBSD 5.3-RELEASE-p5 #3: Wed Feb 9 10: 31:09 EET 2005 xxx@xxx:/usr/obj/usr/src/sys/GENERIC i386 It looks that I tried everything, that I found on internet. "options NET_WITH_GIANT" debug.mpsafenet=0 net.inet.tcp.sack.enable=0 But still getting the same result: fault virtual address = 0x18 fault code = supervisor read, page not present instruction pointer = 0x8:0xffffffff803a14b3 stack pointer = 0x10:0xffffffffb1bd9800 frame pointer = 0x10:0x0 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 44 (swi1: net) trap number = 12 I think that problem is with pf, because even then squid is not running, machine hangs once a day. With squid it hangs much faster (in few minutes).