Hello, all.
We got a heavy load server with pf mostly doing nat and redirection.
[EMAIL PROTECTED] -r
6.1-RELEASE
[EMAIL PROTECTED] -sr | wc -l
546
[EMAIL PROTECTED] -ss | wc -l
9452
Traffic is about 8 Mb/s.
/etc/inetd.conf: ftp-proxy stream tcp nowait root
/usr/libexec/ftp-proxy ftp-proxy -u proxy -m 55000 -M 57000 -t 180
/etc/pf.conf: rdr on $int_if proto tcp from any to any port 21 -> 127.0.0.1
port 8021
Traffic is about 8 megabit/s.
All working ok until we turn on ftp-proxy.
After that(and some time) server suddenly hang.
Just hang, no kernel trap and clear console, didn't responding for any
key(I don't know how might that be, never expect it from BSD).
Meanwhile I can see one event relating to that - ftp-proxy.
And its not hardware issue, we got two identical server(hp dl 380, afair)
working in carp, and both hanging.
Last messages:
Dec 7 15:14:42 fw inetd[640]: ftp-proxy from 10.10.1.70 exceeded counts/min
(limit 60/min)
Dec 7 15:14:44 fw inetd[640]: ftp-proxy from 10.10.1.70 exceeded counts/min
(limit 60/min)
Dec 7 15:14:45 fw ftp-proxy[64195]: xfer_data (server to client): failed
(Connection reset by peer) with flags 00
Dec 7 15:14:55 fw ftp-proxy[64196]: xfer_data (server to client): failed
(Connection reset by peer) with flags 00
Dec 7 15:32:31 fw syslogd: kernel boot file is /boot/kernel/kernel
Are there any known issue with ftp-proxy+pf?
What should we do?
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
