Date: Mon, 30 Nov 2009 11:01:01 -0500 From: Mike Tancsa <mike@sentex.net> To: Dag-Erling =?iso-8859-1?Q?Sm=C3=B8rgrav?= <des@des.no>, gary.jennejohn@freenet.de Cc: current@freebsd.org Subject: Re: [head tinderbox] failure on i386/i386 Message-ID: <200911301600.nAUG0Yp7087369@lava.sentex.ca> In-Reply-To: <86tywcxk43.fsf@ds4.des.no> References: <200911291846.nATIkGAZ061903@freebsd-current.sentex.ca> <863a3wz56r.fsf@ds4.des.no> <20091130115225.53cff885@ernst.jennejohn.org> <86tywcxk43.fsf@ds4.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
At 07:39 AM 11/30/2009, Dag-Erling Sm=C3=B8rgrav wrote:
>Gary Jennejohn <gary.jennejohn@freenet.de> writes:
> > Sean C. Farley (scf@) recently reported this on this list
> > > Also, cvsupd will core dump (SIGILL) [...] when a connection to it
> > > is made from csup.
> > Might be related. Don't know whether Sentex is runng i386 or AMD64.
>
>No, the server runs just fine, but rejects connections from the builder.
Server looks ok. I can check out sources as root=20
from the box as well. The daemon's config is
-0.0.0.0/0 4 # Limit total connections
-199.212.134.18/32 4
-64.7.128.98/32 4
-64.7.128.100/32 4
-0.0.0.0/0/32 2
+0.0.0.0/0
I changed it to
-0.0.0.0/0 8 # Limit total connections
-199.212.134.18/32 8 # Allow only 1 connection from each host
-64.7.128.98/32 8 # Allow only 1 connection from each host
-64.7.128.100/32 8 # Allow only 1 connection from each host
-0.0.0.0/0/32 4 # Allow only 1 connection from each host
+0.0.0.0/0 # If we reach this rule, we let the client in
0(freebsd-current)# csup -g -L2 standard-supfile
Parsing supfile "standard-supfile"
Connecting to cvsup.sentex.ca
Connected to 64.7.153.5
Server software version: SNAP_16_1h
Negotiating file attribute support
Exchanging collection information
Establishing multiplexed-mode data connection
Running
Updating collection src-all/cvs
cvsup.sentex.ca mirrors off cvsup4.freebsd.org=20
which seems to reject connections about 50% of the time.
Looking at the server's logs,
Nov 29 17:17:10 backup3 cvsupd[35748]: +0=20
tinderbox@freebsd-current.sentex.ca [CSUP_1_0/17.0]
Nov 29 17:17:32 backup3 cvsupd[35748]: =3D0 [899Kin+687Kout] src-all/cvs
Nov 29 17:17:32 backup3 cvsupd[35748]: -0=20
[899Kin+687Kout] Finished successfully
Nov 29 17:18:16 backup3 cvsupd[35769]: +1=20
tinderbox@freebsd-current.sentex.ca [CSUP_1_0/17.0]
Nov 29 17:18:38 backup3 cvsupd[35769]: =3D1 [899Kin+687Kout] src-all/cvs
Nov 29 17:18:38 backup3 cvsupd[35769]: -1=20
[899Kin+687Kout] Finished successfully
Nov 29 17:19:07 backup3 cvsupd[35785]: +2=20
tinderbox@freebsd-current.sentex.ca [CSUP_1_0/17.0]
Nov 29 17:19:29 backup3 cvsupd[35785]: =3D2 [899Kin+687Kout] src-all/cvs
Nov 29 17:19:29 backup3 cvsupd[35785]: -2=20
[899Kin+687Kout] Finished successfully
The only pf blocks I see are things like
0[backup3]# bzcat pflog.0.bz2 | tcpdump -ner -=20
host 64.7.128.98 and action block
reading from file -, link-type PFLOG (OpenBSD pflog file)
05:21:48.104604 rule 2/0(match): block in on=20
vlan2: 64.7.128.98.64479 > 64.7.153.5.5999: F=20
2465763434:2465763434(0) ack 1536020875 win 8326=20
<nop,nop,timestamp 2361530507 3408181659>
05:21:48.104629 rule 2/0(match): block in on=20
vlan2: 64.7.128.98.40992 > 64.7.153.5.5999: F=20
2286333931:2286333931(0) ack 656209946 win 8326=20
<nop,nop,timestamp 2361530507 944778773>
05:21:48.104636 rule 2/0(match): block in on=20
vlan2: 64.7.128.98.44218 > 64.7.153.5.5999: F=20
2472100328:2472100328(0) ack 1971781143 win 8326=20
<nop,nop,timestamp 2361530507 2515530998>
05:21:48.205534 rule 2/0(match): block in on=20
vlan2: 64.7.128.98.51944 > 64.7.153.5.5999: F=20
341584713:341584713(0) ack 1261150224 win 8326=20
<nop,nop,timestamp 2361530608 2967557127>
05:21:48.205653 rule 2/0(match): block in on=20
vlan2: 64.7.128.98.58652 > 64.7.153.5.5999: F=20
133362219:133362219(0) ack 347682957 win 8326=20
<nop,nop,timestamp 2361530608 8467470>
05:21:48.205657 rule 2/0(match): block in on=20
vlan2: 64.7.128.98.14737 > 64.7.153.5.5999: F=20
1166740951:1166740951(0) ack 2344064018 win 8326=20
<nop,nop,timestamp 2361530608 344110128>
05:23:07.489480 rule 2/0(match): block in on=20
vlan2: 64.7.128.98.64479 > 64.7.153.5.5999: R=20
1:1(0) ack 1 win 8326 <nop,nop,timestamp 2361609890 3408181659>
05:23:07.489486 rule 2/0(match): block in on=20
vlan2: 64.7.128.98.40992 > 64.7.153.5.5999: R=20
1:1(0) ack 1 win 8326 <nop,nop,timestamp 2361609890 944778773>
05:23:07.489490 rule 2/0(match): block in on=20
vlan2: 64.7.128.98.44218 > 64.7.153.5.5999: R=20
1:1(0) ack 1 win 8326 <nop,nop,timestamp 2361609890 2515530998>
05:23:07.590477 rule 2/0(match): block in on=20
vlan2: 64.7.128.98.51944 > 64.7.153.5.5999: R=20
1:1(0) ack 1 win 8326 <nop,nop,timestamp 2361609991 2967557127>
05:23:07.590595 rule 2/0(match): block in on=20
vlan2: 64.7.128.98.58652 > 64.7.153.5.5999: R=20
1:1(0) ack 1 win 8326 <nop,nop,timestamp 2361609991 8467470>
05:23:07.590599 rule 2/0(match): block in on=20
vlan2: 64.7.128.98.14737 > 64.7.153.5.5999: R=20
1:1(0) ack 1 win 8326 <nop,nop,timestamp 2361609991 344110128>
---Mike
>DES
>--
>Dag-Erling Sm=C3=B8rgrav - des@des.no
>_______________________________________________
>freebsd-current@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-current
>To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200911301600.nAUG0Yp7087369>