Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 17 Aug 2011 14:27:09 +0200
From:      Florian Smeets <flo@freebsd.org>
To:        obrien@freebsd.org
Cc:        "Bjoern A. Zeeb" <bz@freebsd.org>, freebsd-pf@freebsd.org
Subject:   Re: svn commit: r223637 - in head: . contrib/pf/authpf contrib/pf/ftp-proxy contrib/pf/man contrib/pf/pfctl contrib/pf/pflogd sbin/pflogd sys/conf sys/contrib/altq/altq sys/contrib/pf/net sys/modules s...
Message-ID:  <4E4BB39D.8070903@freebsd.org>
In-Reply-To: <20110708170240.GA59024@dragon.NUXI.org>
References:  <201106281157.p5SBvP5g048097@svn.freebsd.org> <EA6E6909-A42B-4CF2-891A-B8A80E2B8476@FreeBSD.org> <20110629192224.2283efc8@fabiankeil.de> <20110707193539.GA60591@dragon.NUXI.org> <CAPBZQG1ZOBJh0BMPH%2BkKAHfWJoYCubdGunncd5Bhd7y39-_fkA@mail.gmail.com> <20110708170240.GA59024@dragon.NUXI.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 08.07.2011 19:02, David O'Brien wrote:
> On Fri, Jul 08, 2011 at 02:26:37PM +0200, Ermal Lui wrote:
>> On Thu, Jul 7, 2011 at 9:35 PM, David O'Brien<obrien@freebsd.org>  wrote:
>>> I have 'pfctl', 'netstat', 'netstat -rn', and 'sysctl -a' output from one
>>> of these experiences. �Would they be useful to you in looking into this?
>>
>> please send those.
>> Also useful would be a description of your setup.
>
> Ermal,
> Thanks.  I'll send to you off list.
>

Hi,

did you guys find out what was wrong? I may have a similar problem. My 
server loses connection after some time. I think it is because the state 
table is getting full, but i only have a couple of active states.

The current entries keep increasing, i had ~3600 this morning.

flo@tb:~ # sudo pfctl -vsi|grep "current entries"
No ALTQ support in kernel
ALTQ related functions disabled
   current entries                     4891
   current entries                        0
flo@tb:~ # sudo pfctl -ss| wc -l
No ALTQ support in kernel
ALTQ related functions disabled
       12

Every new connection is added to the current entries but it seems they 
are never removed?!

I've set debug to loud, what else should i do to track this down?

Thanks,
Florian

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4E4BB39D.8070903>