squid with pf problem

Max Laier max at love2party.net
Wed Feb 9 04:55:41 PST 2005 

On Wednesday 09 February 2005 11:25, Albertas Guscius wrote:
> Hello,
> I have problem running squid and packet filter.
> After certain moment it hangs machine. I tried three different types of
> hardware, so I think it is problem with software.
> Squid is compiled with pf support.
> Rule in pf:  rdr on $int_if proto tcp from any to any port http ->
> 127.0.0.1 port 3128
> I'm using xl() NIC's.
> FreeBSD xxx 5.3-RELEASE-p5 FreeBSD 5.3-RELEASE-p5 #3: Wed Feb  9 10:
> 31:09 EET 2005     xxx at xxx:/usr/obj/usr/src/sys/GENERIC  i386
>
> It looks that I tried everything, that I found on internet.
>
> "options NET_WITH_GIANT"
>
> debug.mpsafenet=0
> net.inet.tcp.sack.enable=0
>
> But still getting the same result:
>
> fault virtual address   = 0x18
> fault code              = supervisor read, page not present
> instruction pointer     = 0x8:0xffffffff803a14b3
> stack pointer           = 0x10:0xffffffffb1bd9800
> frame pointer           = 0x10:0x0
> code segment            = base 0x0, limit 0xfffff, type 0x1b
>                         = DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags        = interrupt enabled, resume, IOPL = 0
> current process         = 44 (swi1: net)
> trap number             = 12
>
>
> I think that problem is with pf, because even then squid is not running,
> machine hangs once a day. With squid it hangs much faster (in few minutes).

This report is not very helpful (not helpful at all).  Please obtain at least 
a backtrace: 
http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/advanced.html#KERNEL-PANIC-TROUBLESHOOTING
http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/kerneldebug.html
(build in KDB and DDB and issue a "trace" when the panic shows up)

With what you have posted so far it's impossible to find the culprit.  
Nontheless, you might want to try to update src/sys/contrib/pf to RELENG_5 
(not RELENG_5_3 what you seem to have) to see if that improves the situation.

-- 
/"\  Best regards,                      | mlaier at freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20050209/e571883b/attachment.bin

More information about the freebsd-pf mailing list