i386/110218: kmem_malloc(4096): kmem_map too small: 335544320 total
allocated
Vladimir V. Vedeneev
vvv at etelecom.ru
Mon Mar 12 11:30:13 UTC 2007
>Number: 110218
>Category: i386
>Synopsis: kmem_malloc(4096): kmem_map too small: 335544320 total allocated
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-i386
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Mar 12 11:30:12 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Vladimir V. Vedeneev
>Release: FreeBSD 6.2R
>Organization:
eTelecom Company
>Environment:
FreeBSD unlim.etelecom.ru 6.2-STABLE FreeBSD 6.2-STABLE #9: Sun Mar 11 20:36:27 MSK 2007 vvv at unlim.etelecom.ru:/usr/src/sys/i386/compile/eTelecom_unlim i386
>Description:
I use next freebsd kernel:
===========================================================================
machine i386
#cpu I486_CPU
#cpu I586_CPU
cpu I686_CPU
ident eTelecom_unlim
# To statically compile in device wiring instead of /boot/device.hints
#hints "GENERIC.hints" # Default places to look for devices.
#makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols
#options KVA_PAGES=1024
#options KVA_PAGES=512
#options MAXDSIZ="(1536*1024*1024)"
#options MAXSSIZ="(1536*1024*1024)"
#options DFLDSIZ="(1536*1024*1024)"
#options MSGMNB=8192
#options MSGSSZ=40
#options MSGTQL=512
#options VM_KMEM_SIZE_MAX=536870912
options SCHED_4BSD # 4BSD scheduler
options PREEMPTION # Enable kernel thread preemption
options INET # InterNETworking
#options INET6 # IPv6 communications protocols
options FFS # Berkeley Fast Filesystem
options SOFTUPDATES # Enable FFS soft updates support
options UFS_ACL # Support for access control lists
options UFS_DIRHASH # Improve performance on big directories
options MD_ROOT # MD is a potential root device
#options NFSCLIENT # Network Filesystem Client
#options NFSSERVER # Network Filesystem Server
#options NFS_ROOT # NFS usable as /, requires NFSCLIENT
options MSDOSFS # MSDOS Filesystem
options CD9660 # ISO 9660 Filesystem
options PROCFS # Process filesystem (requires PSEUDOFS)
options PSEUDOFS # Pseudo-filesystem framework
options GEOM_GPT # GUID Partition Tables.
options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]
options COMPAT_FREEBSD4 # Compatible with FreeBSD4
options COMPAT_FREEBSD5 # Compatible with FreeBSD5
options SCSI_DELAY=5000 # Delay (in ms) before probing SCSI
options KTRACE # ktrace(1) support
options SYSVSHM # SYSV-style shared memory
options SYSVMSG # SYSV-style message queues
options SYSVSEM # SYSV-style semaphores
options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
#options KBD_INSTALL_CDEV # install a CDEV entry in /dev
options ADAPTIVE_GIANT # Giant mutex is adaptive.
device apic # I/O APIC
options SMP
options DEVICE_POLLING
options HZ=1000
# Bus support.
device acpi
device eisa
device pci
# Floppy drives
device fdc
# ATA and ATAPI devices
device ata
device atadisk # ATA disk drives
device ataraid # ATA RAID drives
device atapicd # ATAPI CDROM drives
device atapifd # ATAPI floppy drives
device atapist # ATAPI tape drives
options ATA_STATIC_ID # Static device numbering
# SCSI Controllers
device ahb # EISA AHA1742 family
device ahc # AHA2940 and onboard AIC7xxx devices
#options AHC_REG_PRETTY_PRINT # Print register bitfields in debug
# output. Adds ~128k to driver.
device ahd # AHA39320/29320 and onboard AIC79xx devices
#options AHD_REG_PRETTY_PRINT # Print register bitfields in debug
# output. Adds ~215k to driver.
device amd # AMD 53C974 (Tekram DC-390(T))
device isp # Qlogic family
#device ispfw # Firmware for QLogic HBAs- normally a module
device mpt # LSI-Logic MPT-Fusion
#device ncr # NCR/Symbios Logic
device sym # NCR/Symbios Logic (newer chipsets + those of `ncr')
device trm # Tekram DC395U/UW/F DC315U adapters
device adv # Advansys SCSI adapters
device adw # Advansys wide SCSI adapters
device aha # Adaptec 154x SCSI adapters
device aic # Adaptec 15[012]x SCSI adapters, AIC-6[23]60.
device bt # Buslogic/Mylex MultiMaster SCSI adapters
device ncv # NCR 53C500
device nsp # Workbit Ninja SCSI-3
device stg # TMC 18C30/18C50
# SCSI peripherals
device scbus # SCSI bus (required for SCSI)
device ch # SCSI media changers
device da # Direct Access (disks)
device sa # Sequential Access (tape etc)
device cd # CD
device pass # Passthrough device (direct SCSI access)
device ses # SCSI Environmental Services (and SAF-TE)
# RAID controllers interfaced to the SCSI subsystem
device amr # AMI MegaRAID
device arcmsr # Areca SATA II RAID
device asr # DPT SmartRAID V, VI and Adaptec SCSI RAID
device ciss # Compaq Smart RAID 5*
device dpt # DPT Smartcache III, IV - See NOTES for options
device hptmv # Highpoint RocketRAID 182x
device rr232x # Highpoint RocketRAID 232x
device iir # Intel Integrated RAID
device ips # IBM (Adaptec) ServeRAID
device mly # Mylex AcceleRAID/eXtremeRAID
device twa # 3ware 9000 series PATA/SATA RAID
# RAID controllers
device aac # Adaptec FSA RAID
device aacp # SCSI passthrough for aac (requires CAM)
device ida # Compaq Smart RAID
device mfi # LSI MegaRAID SAS
device mlx # Mylex DAC960 family
device pst # Promise Supertrak SX6000
device twe # 3ware ATA RAID
# atkbdc0 controls both the keyboard and the PS/2 mouse
device atkbdc # AT keyboard controller
device atkbd # AT keyboard
device psm # PS/2 mouse
device kbdmux # keyboard multiplexer
device vga # VGA video card driver
device splash # Splash screen and screen saver support
# syscons is the default console driver, resembling an SCO console
device sc
# Enable this for the pcvt (VT220 compatible) console driver
#device vt
#options XSERVER # support for X server on a vt console
#options FAT_CURSOR # start with block cursor
device agp # support several AGP chipsets
# Power management support (see NOTES for more options)
#device apm
# Add suspend/resume support for the i8254.
device pmtimer
# PCCARD (PCMCIA) support
# PCMCIA and cardbus bridge support
device cbb # cardbus (yenta) bridge
device pccard # PC Card (16-bit) bus
device cardbus # CardBus (32-bit) bus
# Serial (COM) ports
device sio # 8250, 16[45]50 based serial ports
# Parallel port
device ppc
device ppbus # Parallel port bus (required)
device lpt # Printer
device plip # TCP/IP over parallel
device ppi # Parallel port interface device
#device vpo # Requires scbus and da
# If you've got a "dumb" serial or parallel PCI card that is
# supported by the puc(4) glue driver, uncomment the following
# line to enable it (connects to the sio and/or ppc drivers):
#device puc
# PCI Ethernet NICs.
device de # DEC/Intel DC21x4x (``Tulip'')
device em # Intel PRO/1000 adapter Gigabit Ethernet Card
#device ixgb # Intel PRO/10GbE Ethernet Card
#device txp # 3Com 3cR990 (``Typhoon'')
#device vx # 3Com 3c590, 3c595 (``Vortex'')
# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device miibus # MII bus support
device bce # Broadcom BCM5706/BCM5708 Gigabit Ethernet
device bfe # Broadcom BCM440x 10/100 Ethernet
device bge # Broadcom BCM570xx Gigabit Ethernet
device dc # DEC/Intel 21143 and various workalikes
device fxp # Intel EtherExpress PRO/100B (82557, 82558)
#device lge # Level 1 LXT1001 gigabit Ethernet
#device nge # NatSemi DP83820 gigabit Ethernet
#device nve # nVidia nForce MCP on-board Ethernet Networking
#device pcn # AMD Am79C97x PCI 10/100(precedence over 'lnc')
#device re # RealTek 8139C+/8169/8169S/8110S
#device rl # RealTek 8129/8139
#device sf # Adaptec AIC-6915 (``Starfire'')
#device sis # Silicon Integrated Systems SiS 900/SiS 7016
#device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet
#device ste # Sundance ST201 (D-Link DFE-550TX)
#device stge # Sundance/Tamarack TC9021 gigabit Ethernet
#device ti # Alteon Networks Tigon I/II gigabit Ethernet
#device tl # Texas Instruments ThunderLAN
#device tx # SMC EtherPower II (83c170 ``EPIC'')
#device vge # VIA VT612x gigabit Ethernet
#device vr # VIA Rhine, Rhine II
#device wb # Winbond W89C840F
device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'')
# ISA Ethernet NICs. pccard NICs included.
device cs # Crystal Semiconductor CS89x0 NIC
# 'device ed' requires 'device miibus'
device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards
#device ex # Intel EtherExpress Pro/10 and Pro/10+
#device ep # Etherlink III based cards
#device fe # Fujitsu MB8696x based cards
#device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc.
#device lnc # NE2100, NE32-VL Lance Ethernet cards
#device sn # SMC's 9000 series of Ethernet chips
#device xe # Xircom pccard Ethernet
# Wireless NIC cards
#device wlan # 802.11 support
#device wlan_wep # 802.11 WEP support
#device wlan_ccmp # 802.11 CCMP support
#device wlan_tkip # 802.11 TKIP support
#device an # Aironet 4500/4800 802.11 wireless NICs.
#device ath # Atheros pci/cardbus NIC's
#device ath_hal # Atheros HAL (Hardware Access Layer)
#device ath_rate_sample # SampleRate tx rate control for ath
#device awi # BayStack 660 and others
#device ral # Ralink Technology RT2500 wireless NICs.
#device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs.
#device wl # Older non 802.11 Wavelan wireless NIC.
# Pseudo devices.
device loop # Network loopback
device random # Entropy device
device ether # Ethernet support
device sl # Kernel SLIP
device ppp # Kernel PPP
device tun # Packet tunnel.
device pty # Pseudo-ttys (telnet etc)
device md # Memory "disks"
#device gif # IPv6 and IPv4 tunneling
#device faith # IPv6-to-IPv4 relaying (translation)
# The `bpf' device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device bpf # Berkeley packet filter
# USB support
#device uhci # UHCI PCI->USB interface
#device ohci # OHCI PCI->USB interface
#device ehci # EHCI PCI->USB interface (USB 2.0)
device usb # USB Bus (required)
#device udbp # USB Double Bulk Pipe devices
device ugen # Generic
#device uhid # "Human Interface Devices"
device ukbd # Keyboard
#device ulpt # Printer
#device umass # Disks/Mass storage - Requires scbus and da
#device ums # Mouse
#device ural # Ralink Technology RT2500USB wireless NICs
#device urio # Diamond Rio 500 MP3 player
#device uscanner # Scanners
# USB Ethernet, requires miibus
#device aue # ADMtek USB Ethernet
#device axe # ASIX Electronics USB Ethernet
#device cdce # Generic USB over Ethernet
#device cue # CATC USB Ethernet
#device kue # Kawasaki LSI USB Ethernet
#device rue # RealTek RTL8150 USB Ethernet
# FireWire support
#device firewire # FireWire bus code
#device sbp # SCSI over FireWire (Requires scbus and da)
#device fwe # Ethernet over FireWire (non-standard!)
options LIBMCHAIN
options LIBICONV
options LIBALIAS
options ALTQ
options ALTQ_CBQ
options ALTQ_RED
options ALTQ_RIO
options ALTQ_HFSC
options ALTQ_CDNR
options ALTQ_PRIQ
options ALTQ_NOPCC
options NETGRAPH
options NETGRAPH_ASYNC
options NETGRAPH_BPF
options NETGRAPH_CISCO
options NETGRAPH_ECHO
options NETGRAPH_ETHER
options NETGRAPH_HOLE
options NETGRAPH_IFACE
options NETGRAPH_KSOCKET
options NETGRAPH_L2TP
options NETGRAPH_LMI
options NETGRAPH_MPPC_ENCRYPTION
options NETGRAPH_ONE2MANY
options NETGRAPH_PPP
options NETGRAPH_PPPOE
options NETGRAPH_PPTPGRE
options NETGRAPH_RFC1490
options NETGRAPH_SOCKET
options NETGRAPH_TEE
options NETGRAPH_TTY
options NETGRAPH_UI
options NETGRAPH_VJC
options NETGRAPH_NAT
options NETGRAPH_IPFW
options IPFIREWALL
options IPFIREWALL_FORWARD
options IPDIVERT
options TCPDEBUG
options TCP_DROP_SYNFIN
options DUMMYNET
options PPP_FILTER
options PPP_BSDCOMP
======================================================================
Next hardware:
=======================================================================
vvv at unlim# cat /var/run/dmesg.boot
Copyright (c) 1992-2007 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 6.2-STABLE #9: Sun Mar 11 20:36:27 MSK 2007
vvv at unlim.etelecom.ru:/usr/src/sys/i386/compile/eTelecom_unlim
ACPI APIC Table: <PTLTD APIC >
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Xeon(R) CPU 5140 @ 2.33GHz (2327.51-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0x6f6 Stepping = 6
Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
Features2=0x4e3bd<SSE3,RSVD2,MON,DS_CPL,VMX,EST,TM2,<b9>,CX16,<b14>,<b15>,<b18>>
AMD Features=0x20100000<NX,LM>
AMD Features2=0x1<LAHF>
Cores per package: 2
real memory = 2146435072 (2047 MB)
avail memory = 2095124480 (1998 MB)
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
cpu0 (BSP): APIC ID: 0
cpu1 (AP): APIC ID: 1
cpu2 (AP): APIC ID: 6
cpu3 (AP): APIC ID: 7
ioapic0 <Version 2.0> irqs 0-23 on motherboard
ioapic1 <Version 2.0> irqs 24-47 on motherboard
ioapic2 <Version 2.0> irqs 48-71 on motherboard
acpi0: <PTLTD RSDT> on motherboard
acpi0: Power Button (fixed)
Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1008-0x100b on acpi0
cpu0: <ACPI CPU> on acpi0
acpi_throttle0: <ACPI CPU Throttling> on cpu0
cpu1: <ACPI CPU> on acpi0
acpi_throttle1: <ACPI CPU Throttling> on cpu1
acpi_throttle1: failed to attach P_CNT
device_attach: acpi_throttle1 attach returned 6
cpu2: <ACPI CPU> on acpi0
acpi_throttle2: <ACPI CPU Throttling> on cpu2
acpi_throttle2: failed to attach P_CNT
device_attach: acpi_throttle2 attach returned 6
cpu3: <ACPI CPU> on acpi0
acpi_throttle3: <ACPI CPU Throttling> on cpu3
acpi_throttle3: failed to attach P_CNT
device_attach: acpi_throttle3 attach returned 6
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci0: <ACPI PCI bus> on pcib0
pcib1: <ACPI PCI-PCI bridge> at device 2.0 on pci0
pci1: <ACPI PCI bus> on pcib1
pcib2: <ACPI PCI-PCI bridge> irq 16 at device 0.0 on pci1
pci2: <ACPI PCI bus> on pcib2
pcib3: <ACPI PCI-PCI bridge> irq 16 at device 0.0 on pci2
pci3: <ACPI PCI bus> on pcib3
pcib4: <ACPI PCI-PCI bridge> irq 17 at device 1.0 on pci2
pci4: <ACPI PCI bus> on pcib4
pcib5: <ACPI PCI-PCI bridge> irq 18 at device 2.0 on pci2
pci5: <ACPI PCI bus> on pcib5
pcib6: <ACPI PCI-PCI bridge> at device 0.3 on pci1
pci6: <ACPI PCI bus> on pcib6
pcib7: <ACPI PCI-PCI bridge> at device 3.0 on pci0
pci7: <ACPI PCI bus> on pcib7
em0: <Intel(R) PRO/1000 Network Connection Version - 6.2.9> port 0x2000-0x201f mem 0xd8000000-0xd801ffff irq 16 at device 0.0 on pci7
em0: Ethernet address: 00:18:f3:5c:40:6a
em1: <Intel(R) PRO/1000 Network Connection Version - 6.2.9> port 0x2020-0x203f mem 0xd8020000-0xd803ffff irq 17 at device 0.1 on pci7
em1: Ethernet address: 00:18:f3:5c:40:6b
pcib8: <ACPI PCI-PCI bridge> at device 4.0 on pci0
pci8: <ACPI PCI bus> on pcib8
pcib9: <PCI-PCI bridge> at device 5.0 on pci0
pci9: <PCI bus> on pcib9
pcib10: <ACPI PCI-PCI bridge> at device 6.0 on pci0
pci10: <ACPI PCI bus> on pcib10
pcib11: <ACPI PCI-PCI bridge> at device 7.0 on pci0
pci11: <ACPI PCI bus> on pcib11
pci0: <base peripheral> at device 8.0 (no driver attached)
pcib12: <ACPI PCI-PCI bridge> irq 17 at device 28.0 on pci0
pci12: <ACPI PCI bus> on pcib12
pcib13: <ACPI PCI-PCI bridge> at device 0.0 on pci12
pci13: <ACPI PCI bus> on pcib13
mpt0: <LSILogic SAS/SATA Adapter> port 0x3000-0x30ff mem 0xd8410000-0xd8413fff,0xd8400000-0xd840ffff irq 50 at device 3.0 on pci13
mpt0: [GIANT-LOCKED]
mpt0: MPI Version=1.5.12.0
mpt0: mpt_cam_event: 0x16
mpt0: Unhandled Event Notify Frame. Event 0x16 (ACK not required).
mpt0: mpt_cam_event: 0x12
mpt0: Unhandled Event Notify Frame. Event 0x12 (ACK not required).
mpt0: mpt_cam_event: 0x16
mpt0: Unhandled Event Notify Frame. Event 0x16 (ACK not required).
pci0: <serial bus, USB> at device 29.0 (no driver attached)
pci0: <serial bus, USB> at device 29.1 (no driver attached)
pci0: <serial bus, USB> at device 29.2 (no driver attached)
pci0: <serial bus, USB> at device 29.3 (no driver attached)
pci0: <serial bus, USB> at device 29.7 (no driver attached)
pcib14: <ACPI PCI-PCI bridge> at device 30.0 on pci0
pci14: <ACPI PCI bus> on pcib14
pci14: <display, VGA> at device 2.0 (no driver attached)
isab0: <PCI-ISA bridge> at device 31.0 on pci0
isa0: <ISA bus> on isab0
atapci0: <Intel 63XXESB2 UDMA100 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x1880-0x188f at device 31.1 on pci0
ata0: <ATA channel 0> on atapci0
ata1: <ATA channel 1> on atapci0
atapci1: <Intel 63XXESB2 SATA300 controller> port 0x18c8-0x18cf,0x18ac-0x18af,0x18c0-0x18c7,0x18a8-0x18ab,0x18b0-0x18bf mem 0xd8700400-0xd87007ff irq 19 at device 31.2 on pci0
ata2: <ATA channel 0> on atapci1
ata3: <ATA channel 1> on atapci1
pci0: <serial bus, SMBus> at device 31.3 (no driver attached)
acpi_button0: <Power Button> on acpi0
atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
atkbd0: [GIANT-LOCKED]
sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
sio0: type 16550A
sio1: <16550A-compatible COM port> port 0x2f8-0x2ff irq 3 on acpi0
sio1: type 16550A
fdc0: <floppy drive controller> port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on acpi0
fdc0: does not respond
device_attach: fdc0 attach returned 6
ppc0: <ECP parallel printer port> port 0x378-0x37f,0x778-0x77f irq 7 drq 3 on acpi0
ppc0: SMC-like chipset (ECP/EPP/PS2/NIBBLE) in COMPATIBLE mode
ppc0: FIFO with 16/16/9 bytes threshold
ppbus0: <Parallel port bus> on ppc0
ppi0: <Parallel I/O> on ppbus0
plip0: <PLIP network interface> on ppbus0
lpt0: <Printer> on ppbus0
lpt0: Interrupt-driven port
fdc0: <floppy drive controller> port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on acpi0
fdc0: does not respond
device_attach: fdc0 attach returned 6
pmtimer0 on isa0
orm0: <ISA Option ROMs> at iomem 0xc0000-0xc8fff,0xc9000-0xc9fff on isa0
sc0: <System console> at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
Timecounters tick every 1.000 msec
ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding enabled, default to deny, logging disabled
acd0: DVDROM <TSSTcorpDVD-ROM TS-L332A/AU00> at ata0-master UDMA33
SMP: AP CPU #1 Launched!
SMP: AP CPU #3 Launched!
SMP: AP CPU #2 Launched!
da0 at mpt0 bus 0 target 0 lun 0
da0: <SEAGATE ST3146854SS 0003> Fixed Direct Access SCSI-5 device
da0: 300.000MB/s transfers, Tagged Queueing Enabled
da0: 140014MB (286749488 512 byte sectors: 255H 63S/T 17849C)
Trying to mount root from ufs:/dev/da0s1a
em0: link state changed to UP
em1: link state changed to UP
==========================================================================
On machine I run only ng_nat and ipfw pipe.
==========================================================================
00050 6 3576 deny icmp from any to any frag
00050 1820 249726 deny udp from any to any dst-port 80
00060 5442899 932976496 allow ip from table(70) to any
00060 7622939 6883158204 allow ip from any to table(70)
00080 3231 172320 allow ip from me to 83.243.65.1 dst-port 25
00090 34744 3191729 allow ip from table(5) 12758 to 172.16.0.236
00090 34849 2083924 allow ip from 172.16.0.236 to table(5) dst-port 12758
00090 185922 21735570 allow ip from table(5) 11758 to 172.16.0.236
00090 187342 9833801 allow ip from 172.16.0.236 to table(5) dst-port 11758
00095 243951 12148027 allow ip from 172.16.0.0/24 to 172.16.0.0/24
00100 10 560 deny ip from 192.168.0.0/16 to 192.168.0.0/16
00100 14 2054 deny ip from 192.168.0.0/16 to 10.0.0.0/8
00100 89 3629 deny ip from 192.168.0.0/16 to 172.16.0.0/12
00100 20 2459 deny ip from 10.0.0.0/8 to 10.0.0.0/8
00100 1847 88079 deny ip from 10.0.0.0/8 to 172.16.0.0/12
00100 0 0 deny ip from 10.0.0.0/8 to 192.168.0.0/16
00100 7627 457710 deny ip from 172.16.0.0/12 to 172.16.0.0/12
00100 2 148 deny ip from 172.16.0.0/12 to 192.168.0.0/16
00100 1 56 deny ip from 172.16.0.0/12 to 10.0.0.0/8
00200 63 7204 deny ip from 10.0.0.0/8 to any dst-port 25
00200 4 200 deny ip from 192.168.0.0/16 to any dst-port 25
00200 1908 91800 deny ip from 172.16.0.0/12 to any dst-port 25
00300 9481 716559 deny ip from any to any dst-port 135,137,138,139,445,1434
03040 0 0 pipe 40 ip from table(40) to any via em0 in
03041 2215256 1045095901 pipe 41 ip from table(41) to any via em0 in
03042 6398972 2757378401 pipe 42 ip from table(42) to any via em0 in
03043 16640272 4460775619 pipe 43 ip from table(43) to any via em0 in
03044 38115366 17620358687 pipe 44 ip from table(44) to any via em0 in
03045 4883602 972663443 pipe 45 ip from table(45) to any via em0 in
03046 48664978 22881180894 pipe 46 ip from table(46) to any via em0 in
03047 0 0 pipe 47 ip from table(47) to any via em0 in
03048 0 0 pipe 48 ip from table(48) to any via em0 in
04000 82226649 32282435252 netgraph 60 ip from table(90) to not me
04100 49680815 7092401242 netgraph 61 ip from { 10.0.0.0/8 or 192.168.0.0/16 or 172.16.0.0/12 } to not me via em0 in
55010 197912 283764117 pipe 10 ip from any to table(10) via em0 out
55011 549414 566646883 pipe 11 ip from any to table(11) via em0 out
55012 4381078 3597578047 pipe 12 ip from any to table(12) via em0 out
55013 20445394 17228670599 pipe 13 ip from any to table(13) via em0 out
55014 47220417 36110318961 pipe 14 ip from any to table(14) via em0 out
55015 4693015 3820935071 pipe 15 ip from any to table(15) via em0 out
55016 41168610 24833380428 pipe 16 ip from any to table(16) via em0 out
55017 0 0 pipe 17 ip from any to table(17) via em0 out
55018 0 0 pipe 18 ip from any to table(18) via em0 out
58000 87823375 70689548442 netgraph 62 ip from any to 193.218.140.252
58100 57522111 37236217514 netgraph 63 ip from any to 83.243.71.240
60000 87158568 37993535128 allow ip from table(100) to any
60000 285522931 206143350444 allow ip from any to table(100)
60100 160953 11365249 allow ip from table(80) to any
60100 79509025 51399710458 allow ip from any to table(80)
64500 263927627 78747666422 allow ip from me to any
64500 3416864 447803134 allow ip from any to me
65535 1744642 105250399 deny ip from any to any
===========================================================================
In table I have next qty of ip's :
===========================================================================
vvv at unlim# ipfw table 3 list | wc -l
0
vvv at unlim# ipfw table 5 list | wc -l
5
vvv at unlim# ipfw table 70 list | wc -l
39
vvv at unlim# ipfw table 90 list | wc -l
831
vvv at unlim# ipfw table 100 list | wc -l
1488
vvv at unlim# ipfw table 80 list | wc -l
1246
============================================================================
Problem was when I used 4Gb of RAM and freebsd reboot one time in a day. I try to use options VM_KMEM_SIZE_MAX=536870912, but problem are the same, but freebsd reboot one time in a 3 day.
Network load of that computer is about 35-45 Mbit/s RX and 25-35 TX on each interface and about 7000pps in a peak.
Machine rebooted not in peak time and I cant understand when.
>How-To-Repeat:
Dont know.
I try to explain all that I know.
>Fix:
Dont know.
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-i386
mailing list