I have observed this happening when there are infected machines in the network that incessantly send web requests. This causes squid to query filterdns which fills all the states and new connections are slow to open.
Have a look on state table and you will see most of them from 127.0.0.1 to 127.0.0.1:53. Immediate measure can be not to use dns-forwarder as DNS for the firewall. Sift through squid access log to find out infected machines and sanitise them. Regards, Nishant On 24 November 2014 9:52:22 am IST, Volker Kuhlmann <list0...@paradise.net.nz> wrote: >The second time within two days now my pfsense has shot itself. So far >I >worked out this: > >filterdns opens an unlimited number of files (approx 10753). >(Only one filterdns process is running!) > >Squid 2.7.9 pkg v.4.3.4 starts logging > httpAccept: FD 51: accept failure: (23) Too many open files in system >without rate limit (bad design). > >The log file grows until the disk is full. > >My Internet goes offline, which is when I notice the problem. > >Recovery is possible by removing the oversized log file and killing >filterdns. > >pfSense 2.0.5 running on APU1 board. > >Why is this suddenly starting to happen? The only change I've had >recently is that the internal SSD failed and got replaced with a 2.5" >SATA spinning platter. > >Thanks muchly, > >Volker -- Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
