From owner-freebsd-stable@FreeBSD.ORG Tue Aug 31 17:40:26 2004 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2919F16A4D2 for ; Tue, 31 Aug 2004 17:40:26 +0000 (GMT) Received: from smtp04.wanadoo.nl (smtp04.wanadoo.nl [194.134.35.144]) by mx1.FreeBSD.org (Postfix) with ESMTP id CC73943D5F for ; Tue, 31 Aug 2004 17:40:12 +0000 (GMT) (envelope-from thevault@wanadoo.nl) Received: from parade (c3eea06a1.cable.wanadoo.nl [62.234.6.161]) by smtp4.wanadoo.nl (Postfix) with SMTP id 78928551E3 for ; Tue, 31 Aug 2004 19:40:08 +0200 (CEST) Message-ID: <001d01c48f81$8dc0c330$17020a0a@paisley.park> From: "Henk Schultz" To: Date: Tue, 31 Aug 2004 19:40:01 +0200 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 Subject: IPFilter problem on 4.10p2 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Henk Schultz List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 Aug 2004 17:40:26 -0000 I have a firewall running on a PentiumPro with 512MB ram. My internet connection is Cable (wanadoo). I was on 4.9 Stable p3. Last Sunday I've cvsupped my sources to 4.10p2 and did a make buildworld cycle as described in the freesbd handbook. No errors occurred during compile or install actions. I use no optimizing in the make.conf (No -O3....) After rebooting this server came up, nothing special..it made connection to the internet and all was fine.. But since then the connection is very very slow. My normal ping times are ~25ms now they are 1000ms. My download speeds also have dropped dramaticly. I've rebooted and fired up the 4.9 kernel and all problem were solved! So I can rule out that it has anything to do with my ipf.rules...Or?? I cannot find anything on the web regarding Ipf and 4.10 behaving badly..maybe you all have some ideas? Info: [u@controversy Henk# uname -v FreeBSD 4.10-RELEASE-p2 #1: Tue Aug 31 18:32:41 CEST 2004 Henk@controversy.paisley.park:/usr/obj/usr/src/sys/FIREWALL2 [u@controversy Henk# netstat -mb 257/320/6016 mbufs in use (current/peak/max): 257 mbufs allocated to data 256/276/1504 mbuf clusters in use (current/peak/max) 632 Kbytes allocated to network (14% of mb_map in use) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines [u@controversy Henk# ipfstat IPv6 packets: in 0 out 0 input packets: blocked 439 passed 15815 nomatch 0 counted 0 short 0 output packets: blocked 0 passed 15733 nomatch 0 counted 0 short 0 input packets logged: blocked 439 passed 0 output packets logged: blocked 0 passed 0 packets logged: input 0 output 0 log failures: input 0 output 0 fragment state(in): kept 0 lost 0 fragment state(out): kept 0 lost 0 packet state(in): kept 289 lost 0 packet state(out): kept 39 lost 0 ICMP replies: 5 TCP RSTs sent: 395 Invalid source(in): 0 Result cache hits(in): 188 (out): 0 IN Pullups succeeded: 0 failed: 0 OUT Pullups succeeded: 0 failed: 0 Fastroute successes: 400 failures: 0 TCP cksum fails(in): 0 (out): 0 Packet log flags set: (0) none (need more info? let me know!)