IPFilter problem on 4.10p2

Henk Schultz thevault at wanadoo.nl
Tue Aug 31 10:40:26 PDT 2004


I have a firewall running on a PentiumPro with 512MB ram. My internet
connection is Cable (wanadoo).
I was on 4.9 Stable p3.
Last Sunday I've cvsupped my sources to 4.10p2 and did a make buildworld
cycle as described in the freesbd handbook. No errors occurred during
compile or install actions.
I use no optimizing in the make.conf (No -O3....)

After rebooting this server came up, nothing special..it made connection to
the internet and all was fine..
But since then the connection is very very slow.
My normal ping times are ~25ms now they are 1000ms. My download speeds also
have dropped dramaticly.

I've rebooted and fired up the 4.9 kernel and all problem were solved!
So I can rule out that it has anything to do with my ipf.rules...Or??

I cannot find anything on the web regarding Ipf and 4.10 behaving
badly..maybe you all have some ideas?

Info:
[u at controversy Henk# uname -v
FreeBSD 4.10-RELEASE-p2 #1: Tue Aug 31 18:32:41 CEST 2004
Henk at controversy.paisley.park:/usr/obj/usr/src/sys/FIREWALL2

[u at controversy Henk# netstat -mb
257/320/6016 mbufs in use (current/peak/max):
        257 mbufs allocated to data
256/276/1504 mbuf clusters in use (current/peak/max)
632 Kbytes allocated to network (14% of mb_map in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines

[u at controversy Henk# ipfstat
 IPv6 packets:          in 0 out 0
 input packets:         blocked 439 passed 15815 nomatch 0 counted 0 short 0
output packets:         blocked 0 passed 15733 nomatch 0 counted 0 short 0
 input packets logged:  blocked 439 passed 0
output packets logged:  blocked 0 passed 0
 packets logged:        input 0 output 0
 log failures:          input 0 output 0
fragment state(in):     kept 0  lost 0
fragment state(out):    kept 0  lost 0
packet state(in):       kept 289        lost 0
packet state(out):      kept 39 lost 0
ICMP replies:   5       TCP RSTs sent:  395
Invalid source(in):     0
Result cache hits(in):  188     (out):  0
IN Pullups succeeded:   0       failed: 0
OUT Pullups succeeded:  0       failed: 0
Fastroute successes:    400     failures:       0
TCP cksum fails(in):    0       (out):  0
Packet log flags set: (0)
        none

(need more info? let me know!)




More information about the freebsd-stable mailing list