Re: It keeps CRrrASHING!!

[Fafa Diliha Romanova]

Hello Tomas!

It must be PF.
Whenever I download, it crashes.

Everytime I reboot after crash, I have to type:

# pfctl -F a ; pfctl -Nf /etc/pf.conf ; pfctl -sr

For my int_if to get Internet access.
Anyway, here is my pf.conf:

int_if="ep0"
ext_if="lnc0"

# *** Options
#
set block-policy drop

# *** Scrub incoming packets
#
scrub   in all

# *** NAT
#
nat on $ext_if from $int_if:network to any -> ($ext_if)
rdr on $int_if proto tcp from any to any \
port 21 -> 127.0.0.1 port 8021

# *** Default deny policy
#
block   drop log all

# *** Pass loopback traffic
#
passquick on lo0 all

# *** Outgoing
#
#
passout on $ext_if inet proto tcp \
from any to any flags S/SA keep state
passout on $ext_if inet proto { udp, icmp } \
from ($ext_if) to any keep state

# *** Bootstrap
#
passout on $ext_if inet proto udp \
from any port 68 to any port 67 keep state

# *** DNS and NTP
#
passout on $ext_if inet proto udp \
from ($ext_if) to any port { 53, 123 } keep state

# *** SSH and HTTP
#
passin on $ext_if inet proto tcp \
from any to ($ext_if) port { 22, 80 } flags S/SA keep state

# *** Active FTP
#
passin on $ext_if inet proto tcp \
from port 20 to ($ext_if) user proxy flags S/SA keep state

Thanks,
Fafa

- Original Message -
From: "Tomas Quintero" <[EMAIL PROTECTED]>
To: "Fafa Diliha Romanova" <[EMAIL PROTECTED]>
Subject: Re: It keeps CRrrASHING!!
Date: Mon, 25 Apr 2005 12:43:35 -0400

> 
> On 4/25/05, Fafa Diliha Romanova <[EMAIL PROTECTED]> wrote:
> > Hey!
> >
> > I am running FreeBSD 5.4-STABLE on a Pentium 120.
> >
> > Since three days ago, it has been crashing regularly, leaving me with
> > no choice but to shut it off and back on. I have absolutely no idea what
> > might be wrong. The server has a lot of free HD space. It ain't
> > experiencing no overload that I'm aware of. Everything should be smooth.
> >
> > Maybe it's the network interface. Or the fact that I just replaced
> > IPFW with PF. Because this only seems to happen when I surf the net and
> > download stuff from the workstation behind it.
> 
> It may also be your PF.conf or your NIC. I am running a 5.3-RELEASE
> box w/ PF routing 3 DSL circuits. Upon early installation, it was
> extremely slow on one circuit which was determined to be a NIC. Later
> on, the system would hardlock as soon as a user attempted to access
> the internet. What was occuring to my knowledge is there is a bug
> associated with static-port in the NAT line. You may consider posting
> part if not most of your pf.conf to see if any issues could be
> underlying in it.
> 
> 
> --
> -Tomas Quintero

-- 
___
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: It keeps CRrrASHING!!

[Roland Smith]

On Mon, Apr 25, 2005 at 07:54:55AM -0500, Fafa Diliha Romanova wrote:
> Hey!
> 
> I am running FreeBSD 5.4-STABLE on a Pentium 120.
> 
> Since three days ago, it has been crashing regularly, leaving me with
> no choice but to shut it off and back on. I have absolutely no idea what
> might be wrong. The server has a lot of free HD space. It ain't
> experiencing no overload that I'm aware of. Everything should be smooth.
> 
> Maybe it's the network interface. Or the fact that I just replaced
> IPFW with PF. Because this only seems to happen when I surf the net and
> download stuff from the workstation behind it. 

Set the system up for saving crashdumps, as described in §11.1 of the
developers handbook. That might give the developers a better idea what's
wrong.

Make sure the hardware is OK. There are some old chipsets (RZ1000?)
that are a known source of problems. Check the mailing list archives.
Run memtest86 to check the RAM. Check if PCI cards are properly seated
and if cables aren't loose.

If you suspect the network interface, try another network card and see
whether the problems disappear.

If returning to IPFW fixes the problem, it might well be a problem with
PF of with your ruleset.

Roland
-- 
R.F. Smith   /"\ASCII Ribbon Campaign
r s m i t h @ x s 4 a l l . n l  \ /No HTML/RTF in e-mail
http://www.xs4all.nl/~rsmith/ X No Word docs in e-mail
public key: http://www.keyserver.net / \Respect for open standards


pgpPClswEkNVj.pgp
Description: PGP signature

Re: It keeps CRrrASHING!!

[Louis LeBlanc]

On 04/25/05 09:13 AM, Greg Donald sat at the `puter and typed:
> On 4/25/05, Louis LeBlanc <[EMAIL PROTECTED]> wrote:
> > You might also want to double check the hardware list - Pentium 120 is a
> > pretty old system, isn't it?  I have 2 PIII systems I'm trying to get
> > rid of myself (400 & 440 Mhz).  I don't have time to waste waiting for
> > them anymore.
> 
> Need a mailing address?

Sure, can I send it postage due?  :)

Actually, if anyone can pick them up in Waltham, MA (just outside
Boston, right where the Mass Pike hits Rte 128) they're welcome to them.
That would save the trouble of mailing them (The Dell is quite heavy)
and I won't have to put them in the hazardous waste collection next
weekend.

Both systems work fine, but they are quite old - one is a frankenstein
(built almost 7 years ago from auction site parts) the other is an old
Dell, obtained in a company clutter giveaway some 3 years ago.  Both
have at least a 6 G drive, and I think 64 and 128M of ram.  Neither has
a keyboard or Monitor.  Both will need an OS installed.

Lou
-- 
Louis LeBlanc  FreeBSD-at-keyslapper-DOT-net
Fully Funded Hobbyist,   KeySlapper Extrordinaire :)
Please send off-list email to: leblanc at keyslapper d.t net
Key fingerprint = C5E7 4762 F071 CE3B ED51  4FB8 AF85 A2FE 80C8 D9A2

Once, adv.:
  Enough.
-- Ambrose Bierce, "The Devil's Dictionary"


pgpOmIgxTG2a0.pgp
Description: PGP signature

Re: It keeps CRrrASHING!!

[Greg Donald]

On 4/25/05, Louis LeBlanc <[EMAIL PROTECTED]> wrote:
> You might also want to double check the hardware list - Pentium 120 is a
> pretty old system, isn't it?  I have 2 PIII systems I'm trying to get
> rid of myself (400 & 440 Mhz).  I don't have time to waste waiting for
> them anymore.

Need a mailing address?


-- 
Greg Donald
Zend Certified Engineer
http://destiney.com/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: It keeps CRrrASHING!!

[Louis LeBlanc]

The date on your distribution is April 13, but if you check the FreeBSD
site (http://www.freebsd.org/news/newsflash.html#event20050418:01)
you'll see that 5.4-RC3 is now available.  Maybe you want to try that?

You might also want to double check the hardware list - Pentium 120 is a
pretty old system, isn't it?  I have 2 PIII systems I'm trying to get
rid of myself (400 & 440 Mhz).  I don't have time to waste waiting for
them anymore.

Regardless, as recommended in the handbook (here:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/current-stable.html#STABLE),
for the STABLE branch, you might want to go to the freebsd-stable list
(check here: http://lists.freebsd.org/mailman/listinfo/freebsd-stable).

The -questions list is generally (though not always strictly) geared
toward questions regarding the latest RELENG_* branches, not STABLE.

Personally, I hadn't even realized the release candidates were out, so
I'm actually glad you did post here :)  I'm hoping to see improved USB
2.0 support.

HTH
Lou


On 04/25/05 07:54 AM, Fafa Diliha Romanova sat at the `puter and typed:
> Hey!
> 
> I am running FreeBSD 5.4-STABLE on a Pentium 120.
> 
> Since three days ago, it has been crashing regularly, leaving me with
> no choice but to shut it off and back on. I have absolutely no idea what
> might be wrong. The server has a lot of free HD space. It ain't
> experiencing no overload that I'm aware of. Everything should be smooth.
> 
> Maybe it's the network interface. Or the fact that I just replaced
> IPFW with PF. Because this only seems to happen when I surf the net and
> download stuff from the workstation behind it. 
> 
> # dmesg
> 
> Copyright (c) 1992-2005 The FreeBSD Project.
> Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
> The Regents of the University of California. All rights reserved.
> FreeBSD 5.4-STABLE #1: Wed Apr 13 18:30:43 CEST 2005
> [EMAIL PROTECTED]:/usr/obj/usr/src/sys/NINJA
> Timecounter "i8254" frequency 1193182 Hz quality 0
> CPU: Pentium/P54C (119.75-MHz 586-class CPU)
>   Origin = "GenuineIntel"  Id = 0x52c  Stepping = 12
>   Features=0x1bf
> real memory  = 100663296 (96 MB)
> avail memory = 93040640 (88 MB)
> Intel Pentium detected, installing workaround for F00F bug
> npx0:  on motherboard
> npx0: INT 16 interface
> cpu0 on motherboard
> pcib0:  pcibus 0 on motherboard
> pci0:  on pcib0
> isab0:  at device 7.0 on pci0
> isa0:  on isab0
> pci0:  at device 8.0 (no driver attached)
> lnc0:  port 0xff80-0xff9f irq 10 at device 11.0 
> on p
> ci0
> lnc0: Attaching PCNet/PCI Ethernet adapter
> lnc0: Ethernet address: 00:00:4b:30:1e:94
> lnc0: if_start running deferred for Giant
> lnc0: PCnet-PCI
> pci0:  at device 17.0 (no driver attached)
> pci0:  at device 19.0 (no driver attached)
> orm0:  at iomem 0xed000-0xedfff,0xc-0xc7fff on isa0
> ata0 at port 0x3f6,0x1f0-0x1f7 irq 14 on isa0
> ata1 at port 0x376,0x170-0x177 irq 15 on isa0
> atkbdc0:  at port 0x64,0x60 on isa0
> atkbd0:  irq 1 on atkbdc0
> kbd0 at atkbd0
> fdc0:  at port 0x3f0-0x3f5 irq 6 drq 2 on isa0
> fd0: <1440-KB 3.5" drive> on fdc0 drive 0
> sc0:  at flags 0x100 on isa0
> sc0: VGA <16 virtual consoles, flags=0x300>
> sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
> sio0: type 16550A
> sio1: configured irq 3 not in bitmap of probed irqs 0
> sio1: port may not be enabled
> vga0:  at port 0x3c0-0x3df iomem 0xa-0xb on isa0
> ep0: <3Com 3C509B-Combo EtherLink III (PnP)> at port 0x210-0x21f irq 3 on isa0
> ep0: Ethernet address: 00:a0:24:1b:2b:a6
> unknown:  can't assign resources (port)
> psmcpnp0: irq resource info is missing; assuming irq 12
> unknown:  can't assign resources (port)
> unknown:  can't assign resources (port)
> unknown:  can't assign resources (port)
> unknown:  can't assign resources (port)
> Timecounter "TSC" frequency 119753102 Hz quality 800
> Timecounters tick every 10.000 msec
> ad0: 38166MB  [77545/16/63] at ata0-master PIO4
> Mounting root from ufs:/dev/ad0s1a
> WARNING: / was not properly dismounted
> WARNING: /tmp was not properly dismounted
> WARNING: /usr was not properly dismounted
> WARNING: /var was not properly dismounted
> pflog0: promiscuous mode enabled
> pflog0: promiscuous mode disabled
> lnc0: promiscuous mode enabled
> 
> # grep "Apr 25" /var/log/messages
> 
> Apr 25 14:16:57 ninja kernel: lnc0: Start of packet found before end of 
> previous in transmit ring -- Resetting
> Apr 25 14:19:39 ninja kernel: lnc0: Start of packet found before end of 
> previous in transmit ring -- Resetting
> Apr 25 14:22:14 ninja kernel: lnc0: Start of packet found before end of 
> previous in transmit ring -- Resetting
> Apr 25 14:28:20 ninja sshd[878]: error: PAM: authentication error for johann 
> from urban.terrabionic.lan
> Apr 25 14:44:26 ninja syslogd: kernel boot file is /boot/kernel/kernel
> Apr 25 14:44:26 ninja kernel: Copyright (c) 1992-2005 The FreeBSD Project.
> Apr 25 14:44:26 ninja kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 
> 198