Whether ALTQ generates " No buffer space available " error or IPFW ?

samira nazari.s11 at gmail.com
Sat Apr 23 06:53:07 UTC 2016

Hi everyone,
I using FreeBSD9.2 and defining a rule in ipfw that divert tcp packets on
port 80 to port 8000 and by suricata will be reviewed.
ipfw list:
01901 divert 8000 tcp from any to any dst-port 80

And then the packets is sent by altq to queue defined
ipfw list:
03009 skipto 3011 tcp from any to any dst-port 80
03010 skipto 3012 ip from any to any
03011 allow altq http-gbeth3-out ip from any to any via gbeth3 out

And we limit bandwidth in pf.conf for http traffic
queue http-gbeth3-out bandwidth 50Kb  hfsc (  upperlimit 50Kb )

When the transmission of huge amounts of http packets and pf action is to
drop packets, suricata crash and the following message appears in the
suricata.log file:
<Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket
failed: No buffer space available

Has anyone dealt with this issue?

There is a similar problem:
By sending ICMP packets to the queue and send ping from the interface also
seen this problem  and the following message is displayed:
 ping: sendto: No buffer space available

If the specified bandwidth increased and not drop any packets, this problem
does not occur.

Thank you for all of your comments and help

View this message in context: http://freebsd.1045724.n5.nabble.com/Whether-ALTQ-generates-No-buffer-space-available-error-or-IPFW-tp6093662.html
Sent from the freebsd-questions mailing list archive at Nabble.com.

More information about the freebsd-questions mailing list