On 2/3/2016 6:47 PM, Matthew Grooms wrote:
This turned out to be another issue that was patched in head but not
back ported to stable. I can't explain why it didn't get tripped when
GRE tunnels were disabled. With the patch applied, I can reload my
rule sets again without crashing .
On 2/3/2016 4:56 PM, Matthew Grooms wrote:
All,
I recently upgraded a pair of 10.0-RELEASE firewalls in the hope that
I could avoid the local patching required to keep it up and running.
Unfortunately, it crashes whenever I reload my pf firewall rule set.
If I remove the GRE tunnel
All,
I recently upgraded a pair of 10.0-RELEASE firewalls in the hope that I
could avoid the local patching required to keep it up and running.
Unfortunately, it crashes whenever I reload my pf firewall rule set. If
I remove the GRE tunnel configurations from rc.conf, it happily reloads
the r
Max,
Not a problem. Looks good so far. Its been up for an hour or a
half with all the debug options turned on. I will let it cook in my
production environment over the weekend and update you on Monday. Thanks
for your help.
Matthew Grooms
Max Laier wrote:
On Thursday 09 June 2005 01
Are these available for download somewhere? I am getting rejected chunks
and I suspect it may be the mail client I am using. This does apply
cleanly to 5.4-RELEASE correct?
Matthew Grooms
Network Engineer
Seton Healthcare Network
http://www.seton.net/
[EMAIL PROTECTED]
(512) 324 9913
Max
BTW : Had you tested pfsync between two SMP systems with decent traffic
flow? It usually took about 3 days to hit the LOR but the panic shows up
in about 10-20 minutes.
Matthew Grooms
Network Engineer
Seton Healthcare Network
http://www.seton.net/
[EMAIL PROTECTED]
(512) 324 9913
Max Laier
Palle,
Its a dell 2850 w/ Dual CPU, AMR controller and 6x em devices ( 2x on
board and 4x Intel Pro 1000 MT ). If you still want the full dmesg
output, reply and I will send it to you.
I suspect the issues I am seeing are related to a SMP locking deficiency
in pf/pfsync. I have a second iden
All,
I am experiencing lockups on a production 5.4 amd64 SMP system.
Its lightly loaded and seems to last about 3-5 days before it stops
responding to network or even console interaction. The system is acting
as a firewall and runs a mostly stock kernel with IPV6 removed and SMP,
PF, PFL
