Re: apache problems
On Thu, Aug 16, 2007 at 07:28:24PM +0200, Reinhold wrote: Hi Hello. First off, you sent mail to the list twice. I don't know why, but you did. Be patient. :-) I am having some problems with apache22 on my box. What happens is, when I'm viewing loads and loads of pages, apache will stop responding untill I restart it again. This normally happens when the free memory shown by top gets to about +- 100MB. I'm guessing that might be due to you using the ULE scheduler in your kernel. Try switching back to 4BSD and see if that fixes it. I'm also getting this error when I do a gracful restart of apache [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter and in my /boot/loader.conf I have added accf_data_load=YES accf_http_load=YES Remove those. Here's why: The apache rc.d startup script automatically will load accf_http.ko. I also believe if that fails, Apache will try to load it. From my experiences kldload/kldunload with accf_* is not very friendly; I've seen where you can double-load the modules, and where you can't unload the modules despite nothing using them. If you have them built-in to your kernel, it gets even worse. AFAIK, using accf_data.ko isn't recommended. accf_http.ko on the other hand is OK. Try not loading accf_data.ko in addition to my above recommendation (re: 4BSD scheduler). device pf device pflog device pfsync Finally, make sure your pf rules aren't doing anything stupid. If ultimately you think it's a problem with pf rules, unload the pf module and/or set pf_enable=no in rc.conf and reboot. If the problem goes away after that, then you'll know. -- | Jeremy Chadwickjdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: apache problems
Thanks for the reply I'm having some mail problems as well, today is not my day. I'll remove all the stuff you mentioned and change back to 4BSD Will I have to recompile all the ports as well? I don't think its a PF problem because I have used this rule set of mine for a few years with no problems at all, but I'll recheck that just to make sure. Now for the mail problem I'm having its got to do with postfix sending mail from any ip address and not from the one that I want it to, but thats a later problem and on another box, I first want to get this apache thing sorted.. On Thu, August 16, 2007 20:07, Jeremy Chadwick wrote: On Thu, Aug 16, 2007 at 07:28:24PM +0200, Reinhold wrote: Hi Hello. First off, you sent mail to the list twice. I don't know why, but you did. Be patient. :-) I am having some problems with apache22 on my box. What happens is, when I'm viewing loads and loads of pages, apache will stop responding untill I restart it again. This normally happens when the free memory shown by top gets to about +- 100MB. I'm guessing that might be due to you using the ULE scheduler in your kernel. Try switching back to 4BSD and see if that fixes it. I'm also getting this error when I do a gracful restart of apache [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter and in my /boot/loader.conf I have added accf_data_load=YES accf_http_load=YES Remove those. Here's why: The apache rc.d startup script automatically will load accf_http.ko. I also believe if that fails, Apache will try to load it. From my experiences kldload/kldunload with accf_* is not very friendly; I've seen where you can double-load the modules, and where you can't unload the modules despite nothing using them. If you have them built-in to your kernel, it gets even worse. AFAIK, using accf_data.ko isn't recommended. accf_http.ko on the other hand is OK. Try not loading accf_data.ko in addition to my above recommendation (re: 4BSD scheduler). device pf device pflog device pfsync Finally, make sure your pf rules aren't doing anything stupid. If ultimately you think it's a problem with pf rules, unload the pf module and/or set pf_enable=no in rc.conf and reboot. If the problem goes away after that, then you'll know. -- | Jeremy Chadwickjdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: apache problems
Thanks for the reply I'm having some mail problems as well, today is not my day. I'll remove all the stuff you mentioned and change back to 4BSD Will I have to recompile all the ports as well? I don't think its a PF problem because I have used this rule set of mine for a few years with no problems at all, but I'll recheck that just to make sure. Now for the mail problem I'm having its got to do with postfix sending mail from any ip address and not from the one that I want it to, but thats a later problem and on another box, I first want to get this apache thing sorted.. On Thu, August 16, 2007 20:07, Jeremy Chadwick wrote: On Thu, Aug 16, 2007 at 07:28:24PM +0200, Reinhold wrote: Hi Hello. First off, you sent mail to the list twice. I don't know why, but you did. Be patient. :-) I am having some problems with apache22 on my box. What happens is, when I'm viewing loads and loads of pages, apache will stop responding untill I restart it again. This normally happens when the free memory shown by top gets to about +- 100MB. I'm guessing that might be due to you using the ULE scheduler in your kernel. Try switching back to 4BSD and see if that fixes it. I'm also getting this error when I do a gracful restart of apache [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter and in my /boot/loader.conf I have added accf_data_load=YES accf_http_load=YES Remove those. Here's why: The apache rc.d startup script automatically will load accf_http.ko. I also believe if that fails, Apache will try to load it. From my experiences kldload/kldunload with accf_* is not very friendly; I've seen where you can double-load the modules, and where you can't unload the modules despite nothing using them. If you have them built-in to your kernel, it gets even worse. AFAIK, using accf_data.ko isn't recommended. accf_http.ko on the other hand is OK. Try not loading accf_data.ko in addition to my above recommendation (re: 4BSD scheduler). device pf device pflog device pfsync Finally, make sure your pf rules aren't doing anything stupid. If ultimately you think it's a problem with pf rules, unload the pf module and/or set pf_enable=no in rc.conf and reboot. If the problem goes away after that, then you'll know. -- | Jeremy Chadwickjdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: apache problems
Thanks for the reply I'm having some mail problems as well, today is not my day. I'll remove all the stuff you mentioned and change back to 4BSD Will I have to recompile all the ports as well? I don't think its a PF problem because I have used this rule set of mine for a few years with no problems at all, but I'll recheck that just to make sure. Now for the mail problem I'm having its got to do with postfix sending mail from any ip address and not from the one that I want it to, but thats a later problem and on another box, I first want to get this apache thing sorted.. On Thu, August 16, 2007 20:07, Jeremy Chadwick wrote: On Thu, Aug 16, 2007 at 07:28:24PM +0200, Reinhold wrote: Hi Hello. First off, you sent mail to the list twice. I don't know why, but you did. Be patient. :-) I am having some problems with apache22 on my box. What happens is, when I'm viewing loads and loads of pages, apache will stop responding untill I restart it again. This normally happens when the free memory shown by top gets to about +- 100MB. I'm guessing that might be due to you using the ULE scheduler in your kernel. Try switching back to 4BSD and see if that fixes it. I'm also getting this error when I do a gracful restart of apache [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter and in my /boot/loader.conf I have added accf_data_load=YES accf_http_load=YES Remove those. Here's why: The apache rc.d startup script automatically will load accf_http.ko. I also believe if that fails, Apache will try to load it. From my experiences kldload/kldunload with accf_* is not very friendly; I've seen where you can double-load the modules, and where you can't unload the modules despite nothing using them. If you have them built-in to your kernel, it gets even worse. AFAIK, using accf_data.ko isn't recommended. accf_http.ko on the other hand is OK. Try not loading accf_data.ko in addition to my above recommendation (re: 4BSD scheduler). device pf device pflog device pfsync Finally, make sure your pf rules aren't doing anything stupid. If ultimately you think it's a problem with pf rules, unload the pf module and/or set pf_enable=no in rc.conf and reboot. If the problem goes away after that, then you'll know. -- | Jeremy Chadwickjdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: apache problems
Jeremy Chadwick wrote: [...] I'm also getting this error when I do a gracful restart of apache [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter and in my /boot/loader.conf I have added accf_data_load=YES accf_http_load=YES Remove those. Here's why: The apache rc.d startup script automatically will load accf_http.ko. I also believe if that fails, Apache will try to load it. From my experiences kldload/kldunload with accf_* is not very friendly; I've seen where you can double-load the modules, and where you can't unload the modules despite nothing using them. If you have them built-in to your kernel, it gets even worse. It is not always possible to load modules after OS startup is done - when securelevel is 1 or above, you can not load kernel modules. Miroslav Lachman ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: apache problems
On Thu, Aug 16, 2007 at 08:39:28PM +0200, Reinhold wrote: Thanks for the reply I'm having some mail problems as well, today is not my day. I'll remove all the stuff you mentioned and change back to 4BSD Will I have to recompile all the ports as well? Nope, you won't. I don't think its a PF problem because I have used this rule set of mine for a few years with no problems at all, but I'll recheck that just to make sure. Some rules appear to work fine, but actually cause problems in certain conditions. For example, we cannot use the reassemble tcp feature of scrub, or else it breaks all sorts of stuff on our network. You wouldn't notice it until you did something that involves a lot of I/O via ssh, such as while true; do dmesg; done, which after 2-3 seconds would result in a TCP connection getting severed. My point is, rule out everything if you can. :-) Now for the mail problem I'm having its got to do with postfix sending mail from any ip address and not from the one that I want it to, but thats a later problem and on another box, I first want to get this apache thing sorted.. That's an easy one: use smtp_bind_address in main.cf. I've got a little two-liner comment in my main.cf about the difference between inet_interfaces and smtp_bind_address: # inet_interfaces defines what IPs/FQDNs to bind to for listening sockets. # smtp_bind_address defines what IP to bind to when delivering mail. inet_interfaces = mx01.sc1.parodius.com, localhost smtp_bind_address = 72.20.106.3 Also, AFAIK, you have to use an IP address for smtp_bind_address but not for inet_interfaces. -- | Jeremy Chadwickjdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: apache problems
On Thu, Aug 16, 2007 at 09:16:00PM +0200, Miroslav Lachman wrote: Jeremy Chadwick wrote: [...] I'm also getting this error when I do a gracful restart of apache [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter and in my /boot/loader.conf I have added accf_data_load=YES accf_http_load=YES Remove those. Here's why: The apache rc.d startup script automatically will load accf_http.ko. I also believe if that fails, Apache will try to load it. From my experiences kldload/kldunload with accf_* is not very friendly; I've seen where you can double-load the modules, and where you can't unload the modules despite nothing using them. If you have them built-in to your kernel, it gets even worse. It is not always possible to load modules after OS startup is done - when securelevel is 1 or above, you can not load kernel modules. Okay, then the apache rc.d script needs to take this into account, regardless of what rc.conf apache22_http_accept_enable is set to. That shouldn't be too hard to fix. -- | Jeremy Chadwickjdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
mail problems was Re: apache problems
Thanks for the tips on postfix but they don't work for me. I have my mail server behind a pf firewall box on a local ip I have attached my pf.conf file so that you can see what it looks like, I also have to tell spamd to use the hostname of the mail sever but when I use the -h flag is sops working. thanks for all the help On Thu, 16 Aug 2007 12:18:35 -0700 Jeremy Chadwick [EMAIL PROTECTED] wrote: On Thu, Aug 16, 2007 at 09:16:00PM +0200, Miroslav Lachman wrote: Jeremy Chadwick wrote: [...] I'm also getting this error when I do a gracful restart of apache [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter and in my /boot/loader.conf I have added accf_data_load=YES accf_http_load=YES Remove those. Here's why: The apache rc.d startup script automatically will load accf_http.ko. I also believe if that fails, Apache will try to load it. From my experiences kldload/kldunload with accf_* is not very friendly; I've seen where you can double-load the modules, and where you can't unload the modules despite nothing using them. If you have them built-in to your kernel, it gets even worse. It is not always possible to load modules after OS startup is done - when securelevel is 1 or above, you can not load kernel modules. Okay, then the apache rc.d script needs to take this into account, regardless of what rc.conf apache22_http_accept_enable is set to. That shouldn't be too hard to fix. pf.conf Description: Binary data ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: mail problems was Re: apache problems
Just a FYI, its not a great idea to post your firewall rules w/ external/internal ips still intact. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reinhold Sent: Thursday, August 16, 2007 4:46 PM To: freebsd-stable@freebsd.org Subject: mail problems was Re: apache problems Thanks for the tips on postfix but they don't work for me. I have my mail server behind a pf firewall box on a local ip I have attached my pf.conf file so that you can see what it looks like, I also have to tell spamd to use the hostname of the mail sever but when I use the -h flag is sops working. thanks for all the help On Thu, 16 Aug 2007 12:18:35 -0700 Jeremy Chadwick [EMAIL PROTECTED] wrote: On Thu, Aug 16, 2007 at 09:16:00PM +0200, Miroslav Lachman wrote: Jeremy Chadwick wrote: [...] I'm also getting this error when I do a gracful restart of apache [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter [Thu Aug 16 05:12:16 2007] [warn] (22)Invalid argument: Failed to enable the 'httpready' Accept Filter and in my /boot/loader.conf I have added accf_data_load=YES accf_http_load=YES Remove those. Here's why: The apache rc.d startup script automatically will load accf_http.ko. I also believe if that fails, Apache will try to load it. From my experiences kldload/kldunload with accf_* is not very friendly; I've seen where you can double-load the modules, and where you can't unload the modules despite nothing using them. If you have them built-in to your kernel, it gets even worse. It is not always possible to load modules after OS startup is done - when securelevel is 1 or above, you can not load kernel modules. Okay, then the apache rc.d script needs to take this into account, regardless of what rc.conf apache22_http_accept_enable is set to. That shouldn't be too hard to fix. __ NOD32 2466 (20070816) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
