From owner-freebsd-pf@FreeBSD.ORG Thu Jun 14 15:20:34 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0C32516A468 for ; Thu, 14 Jun 2007 15:20:34 +0000 (UTC) (envelope-from volker@vwsoft.com) Received: from frontmail.ipactive.de (frontmail.maindns.de [85.214.95.103]) by mx1.freebsd.org (Postfix) with ESMTP id C3CFE13C489 for ; Thu, 14 Jun 2007 15:20:33 +0000 (UTC) (envelope-from volker@vwsoft.com) Received: from mail.vtec.ipme.de (Q7cc2.q.ppp-pool.de [89.53.124.194]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by frontmail.ipactive.de (Postfix) with ESMTP id D171E128844; Thu, 14 Jun 2007 17:20:26 +0200 (CEST) Received: from cesar.sz.vwsoft.com (cesar.sz.vwsoft.com [192.168.16.3]) by mail.vtec.ipme.de (Postfix) with ESMTP id 8FEB73F525; Thu, 14 Jun 2007 17:19:20 +0200 (CEST) Message-ID: <46715C7F.4060602@vwsoft.com> Date: Thu, 14 Jun 2007 17:19:27 +0200 From: Volker User-Agent: Thunderbird 2.0.0.0 (X11/20070528) MIME-Version: 1.0 To: Roger Miranda References: <200706140833.50583.rmiranda@digitalrelay.ca> <467149DE.3080600@vwsoft.com> <200706140921.53115.rmiranda@digitalrelay.ca> In-Reply-To: <200706140921.53115.rmiranda@digitalrelay.ca> X-Enigmail-Version: 0.95.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-VWSoft-MailScanner: Found to be clean X-MailScanner-From: volker@vwsoft.com X-ipactive-MailScanner-Information: Please contact the ISP for more information X-ipactive-MailScanner: Found to be clean X-ipactive-MailScanner-From: volker@vwsoft.com Cc: "FreeBSD \(PF\)" Subject: Re: PF error message looping on screen. System Locked. X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Jun 2007 15:20:34 -0000 [re-added cc:pf to have a wider audience, please keep this] On 06/14/07 16:21, Roger Miranda wrote: >> I remember a discussion about your machine in stable@ some time ago. > Yes. I have come a bit further. Generally I would get nothing on the screen. > I just started getting this. > >>> We have transfered 150GB (+/-) >> Using sftp, ftp, http or ...? > http / NFS / SMB >> Are you by any chance being able to get a photopicture (with fast >> shutter time) of the debug messages? Do you have anything in >> /var/log/debug.log /var/log/messages which might be useful? > > I do not have nothing with that fast of a shutter. I looked in the logs the > message the loops is not there. But I did find the follwoing: > > Jun 13 10:22:32 kernel: pf: dropping packet with ip options > Jun 13 10:22:33 last message repeated 5 times Roger, I don't think this message is related to your trouble. I think you can also avoid these messages by adding 'no scrub' to your pf.conf (I'm currently not aware of any side effects by adding this). Probably Max has some more suggestions on not scrubbing packets. You should get a debugger into your kernel (like Max suggested) and probably also use `pfctl -x loud' or `pfctl -x misc' to get more messages out of pf. If these messages are popping up again, break the system into the debugger and look for the messages (using 'scroll lock' to scroll back some pages), ps and a backtrace. HTH Volker