From owner-freebsd-questions@FreeBSD.ORG  Thu Jan 27 21:14:04 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8E1F116A4CE
	for <freebsd-questions@freebsd.org>;
	Thu, 27 Jan 2005 21:14:04 +0000 (GMT)
Received: from hobbiton.shire.net (hobbiton.shire.net [166.70.252.250])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5697443D1D
	for <freebsd-questions@freebsd.org>;
	Thu, 27 Jan 2005 21:14:04 +0000 (GMT)	(envelope-from chad@shire.net)
Received: from [67.161.222.227] (helo=[192.168.99.68])
	by hobbiton.shire.net with esmtpsa (TLSv1:RC4-SHA:128)
	(Exim 4.43)
	id 1CuGxn-000OnH-PZ
	for freebsd-questions@freebsd.org; Thu, 27 Jan 2005 14:14:03 -0700
Mime-Version: 1.0 (Apple Message framework v619)
Message-Id: <5E965CFE-70A8-11D9-B134-000D933E3CEC@shire.net>
To: freebsd-questions@freebsd.org
From: Chad Leigh -- Shire.Net LLC <chad@shire.net>
Date: Thu, 27 Jan 2005 14:14:02 -0700
X-Mailer: Apple Mail (2.619)
X-SA-Exim-Connect-IP: 67.161.222.227
X-SA-Exim-Mail-From: chad@shire.net
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII; format=flowed
X-Spam-Checker-Version: SpamAssassin 3.0.0 (2004-09-13) on hobbiton.shire.net
X-Spam-Status: No, score=-0.1 required=5.0 tests=AWL,BAYES_50 
	autolearn=disabled version=3.0.0
X-Spam-Level: 
X-SA-Exim-Version: 4.1+cvs (built Mon, 23 Aug 2004 08:44:05 -0700)
X-SA-Exim-Scanned: Yes (on hobbiton.shire.net)
Subject: lots of apache "httpsd" processes in "sbwait"
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Jan 2005 21:14:04 -0000


I have several installations of apache running on a FreeBSD 4.9 system 
(soon to be replaced with a 5.3 system).  One particular one, a 1.3.27 
plus Ben-SSL, with PHP,  has a LOT of its processes in "sbwait" state.  
I have been googling and did not find much that explained what this was 
symptomatic of.  One from Terry Lambert had some interesting info, but 
this system is not that highly loaded and based on the clientele of the 
site, I would expect that they are all on high speed links (a video 
gaming site -- mlgpro.com), and he had mentioned that this might be 
from slow clients.

Could this be a symptom of a denial of service attack?

What does it mean (in detail) and are there things I can adjust to make 
it not happen?

Thanks
Chad