Ola Rudnei,
Creio que seu problema deve ser o Penalty Box.
Se voce executou o wizard do pfSense pra gerar as regras rode novamente o
wizard sem selecionar: Penalize IP or Alias
This will lower the priority of traffic from this IP or alias.
Isso realmente faz com que determinadas maquinas tenham seu acesso mais do
que limitado.
Um forte abraco.
Carlos Jardim
----- Original Message -----
From: "Rudinei Dias" <rudinei.d...@gmail.com>
To: "Lista Brasileira de Discussão sobre FreeBSD (FUG-BR)"
<freebsd@fug.com.br>
Sent: Wednesday, May 27, 2009 2:21 PM
Subject: [FUG-BR] PFSense - Depois de aproximadamente 30 minutos, o trafego
de internet é bloqueado
Pessoal,
recorro aqui depois de recorrer ao forum do PFSense e ao google.
Instalei um PFSense para fazer um teste de traffic shaping na minha
rede de um laboratório de informática.
Habilito o traffic shaping e funciona tudo bem. Porém após mais ou
menos 30 minutos, o trafego de internet para.
Isso ocorre todas as vezes, em que o meu tráfego está alto.
Quando libero o traffic shaping e, as vezes libera, as vezes não.
Obviamente essa é uma máquina de teste, por isso a configuração
é pouca, mas ainda muito superior ao minimo exigido.
Não tenho idéia de onde procurar o problema, não há falta de espaço
em disco nem na área de logs. o TOP não passou de 30% de carga
da CPU.
Neste pefsense está habilitado o proxy transparente.
O que mais posso verificar?
desde já agradeço.
abaixo transcrevo meu dmesg e o syslog.
dmesg
Copyright (c) 1992-2008 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 7.0-RELEASE-p8 #0: Thu Jan 8 22:07:30 EST 2009
sullr...@freebsd7-releng_1_2_1.pfsense.org:/usr/obj.pfSense/usr/src/sys/pfSe
nse.7
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: AMD Duron(tm) Processor (946.65-MHz 686-class CPU)
Origin = "AuthenticAMD" Id = 0x631 Stepping = 1
Features=0x183f9ff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PA
T,PSE36,MMX,FXSR>
AMD Features=0xc0440800<SYSCALL,<b18>,MMX+,3DNow!+,3DNow!>
real memory = 520093696 (496 MB)
avail memory = 494710784 (471 MB)
wlan: mac acl policy registered
ath_hal: 0.9.20.3 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413, RF5413)
hptrr: HPT RocketRAID controller driver v1.1 (Jan 8 2009 22:07:11)
cryptosoft0: <software crypto> on motherboard
cpu0 on motherboard
pcib0: <Host to PCI bridge> pcibus 0 on motherboard
pir0: <PCI Interrupt Routing Table: 4 Entries> on motherboard
pci0: <PCI bus> on pcib0
agp0: <SiS 730 host to AGP bridge> on hostb0
atapci0: <SiS 730 UDMA100 controller> port
0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0
xff00-0xff0f at device 0.1 on pci0
ata0: <ATA channel 0> on atapci0
ata0: [ITHREAD]
ata1: <ATA channel 1> on atapci0
ata1: [ITHREAD]
isab0: <PCI-ISA bridge> at device 1.0 on pci0
isa0: <ISA bus> on isab0
sis0: <SiS 900 10/100BaseTX> port 0xd400-0xd4ff mem
0xcfff7000-0xcfff7fff irq 3 at device 1.1
on pci0
miibus0: <MII bus> on sis0
rlphy0: <RTL8201L 10/100 media interface> PHY 0 on miibus0
rlphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
sis0: Ethernet address: 00:e0:06:f7:a2:51
sis0: [ITHREAD]
ohci0: <SiS 5571 USB controller> mem 0xcfffc000-0xcfffcfff irq 5 at
device 1.2 o n pci0
ohci0: [GIANT-LOCKED]
ohci0: [ITHREAD]
usb0: OHCI version 1.0, legacy support
usb0: <SiS 5571 USB controller> on ohci0
usb0: USB revision 1.0
uhub0: <SiS OHCI root hub, class 9/0, rev 1.00/1.00, addr 1> on usb0
uhub0: 3 ports with 3 removable, self powered
ohci1: <SiS 5571 USB controller> mem 0xcfffd000-0xcfffdfff irq 5 at
device 1.3 o n pci0
ohci1: [GIANT-LOCKED]
ohci1: [ITHREAD]
usb1: OHCI version 1.0, legacy support
usb1: <SiS 5571 USB controller> on ohci1
usb1: USB revision 1.0
uhub1: <SiS OHCI root hub, class 9/0, rev 1.00/1.00, addr 1> on usb1
uhub1: 3 ports with 3 removable, self powered
pci0: <multimedia, audio> at device 1.4 (no driver attached)
pcib1: <PCI-PCI bridge> at device 2.0 on pci0
pci1: <PCI bus> on pcib1
vgapci0: <VGA-compatible display> port 0xac00-0xac7f mem
0xc0000000-0xc7ffffff,0
xcfee0000-0xcfefffff at device 0.0 on pci1
dc0: <Davicom DM9102A 10/100BaseTX> port 0xd000-0xd0ff mem
0xcfff6f00-0xcfff6fff irq 11 at device 9.0
on pci0
miibus1: <MII bus> on dc0
amphy0: <DM9102 10/100 media interface> PHY 1 on miibus1
amphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
dc0: Ethernet address: 00:80:ad:71:65:db
dc0: [ITHREAD]
rl0: <RealTek 8139 10/100BaseTX> port 0xcc00-0xccff mem
0xcfff6e00-0xcfff6eff ir q 3 at device 11.0
on pci0
miibus2: <MII bus> on rl0
rlphy1: <RealTek internal media interface> PHY 0 on miibus2
rlphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
rl0: Ethernet address: 00:e0:7d:cd:51:5c
rl0: [ITHREAD]
pmtimer0 on isa0
orm0: <ISA Option ROMs> at iomem 0xc0000-0xcbfff,0xcc000-0xd3fff pnpid
ORM0000 o n isa0
atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
atkbd0: [ITHREAD]
psm0: <PS/2 Mouse> irq 12 on atkbdc0
psm0: [GIANT-LOCKED]
psm0: [ITHREAD]
psm0: model IntelliMouse Explorer, device ID 4
fdc0: <Enhanced floppy controller> at port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on
isa0
fdc0: [FILTER]
ppc0: <Parallel port> at port 0x378-0x37f irq 7 on isa0
ppc0: Generic chipset (NIBBLE-only) in COMPATIBLE mode
ppbus0: <Parallel port bus> on ppc0
ppbus0: [ITHREAD]
plip0: <PLIP network interface> on ppbus0
lpt0: <Printer> on ppbus0
lpt0: Interrupt-driven port
ppi0: <Parallel I/O> on ppbus0
ppc0: [GIANT-LOCKED]
ppc0: [ITHREAD]
sc0: <System console> at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
sio0: type 16550A
sio0: [FILTER]
sio1: configured irq 3 not in bitmap of probed irqs 0
sio1: port may not be enabled
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
unknown: <PNP0c01> can't assign resources (memory)
unknown: <PNP0303> can't assign resources (port)
speaker0: <PC speaker> at port 0x61 pnpid PNP0800 on isa0
unknown: <PNP0501> can't assign resources (port)
unknown: <PNP0400> can't assign resources (port)
unknown: <PNP0700> can't assign resources (port)
unknown: <PNP0f13> can't assign resources (irq)
Timecounter "TSC" frequency 946650405 Hz quality 800
Timecounters tick every 1.000 msec
Fast IPsec: Initialized Security Association Processing.
hptrr: no controller detected.
ad0: 19470MB <MAXTOR 4K020H1 A08.1500> at ata0-master PIO4
acd0: CDROM <ATAPI-CD ROM-DRIVE-56MAX/Ver 56CD> at ata1-master PIO4
Trying to mount root from ufs:/dev/ad0s1a
dc0: link state changed to UP
bridge0: Ethernet address: e2:20:2d:e0:a6:f5
dc0: promiscuous mode enabled
sis0: promiscuous mode enabled
sis0: link state changed to UP
rl0: link state changed to DOWN
pflog0: promiscuous mode enabled
dc0: link state changed to DOWN
dc0: link state changed to UP
system.log
------------------------
May 26 20:13:01 fwlab kernel: atkbdc0: <Keyboard controller (i8042)>
at port 0x60,0x64 on isa0
May 26 20:13:01 fwlab kernel: atkbd0: <AT Keyboard> irq 1 on atkbdc0
May 26 20:13:01 fwlab kernel: kbd0 at atkbd0
May 26 20:13:01 fwlab kernel: atkbd0: [GIANT-LOCKED]
May 26 20:13:01 fwlab kernel: atkbd0: [ITHREAD]
May 26 20:13:01 fwlab kernel: psm0: <PS/2 Mouse> irq 12 on atkbdc0
May 26 20:13:01 fwlab kernel: psm0: [GIANT-LOCKED]
May 26 20:13:01 fwlab kernel: psm0: [ITHREAD]
May 26 20:13:01 fwlab kernel: psm0: model IntelliMouse Explorer, device ID 4
May 26 20:13:01 fwlab kernel: fdc0: <Enhanced floppy controller> at
port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on is a0
May 26 20:13:01 fwlab kernel: fdc0: [FILTER]
May 26 20:13:01 fwlab kernel: ppc0: <Parallel port> at port
0x378-0x37f irq 7 on isa0
May 26 20:13:01 fwlab kernel: ppc0: Generic chipset (NIBBLE-only) in
COMPATIBLE mode
May 26 20:13:01 fwlab kernel: ppbus0: <Parallel port bus> on ppc0
May 26 20:13:01 fwlab kernel: ppbus0: [ITHREAD]
May 26 20:13:01 fwlab kernel: plip0: <PLIP network interface> on ppbus0
May 26 20:13:01 fwlab kernel: lpt0: <Printer> on ppbus0
May 26 20:13:01 fwlab kernel: lpt0: Interrupt-driven port
May 26 20:13:01 fwlab kernel: ppi0: <Parallel I/O> on ppbus0
May 26 20:13:01 fwlab kernel: ppc0: [GIANT-LOCKED]
May 26 20:13:01 fwlab kernel: ppc0: [ITHREAD]
May 26 20:13:01 fwlab kernel: sc0: <System console> at flags 0x100 on isa0
May 26 20:13:01 fwlab kernel: sc0: VGA <16 virtual consoles, flags=0x300>
May 26 20:13:01 fwlab kernel: sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on
isa0
May 26 20:13:01 fwlab kernel: sio0: type 16550A
May 26 20:13:01 fwlab kernel: sio0: [FILTER]
May 26 20:13:01 fwlab kernel: sio1: configured irq 3 not in bitmap of
probed irqs 0
May 26 20:13:01 fwlab kernel: sio1: port may not be enabled
May 26 20:13:01 fwlab kernel: vga0: <Generic ISA VGA> at port
0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
May 26 20:13:01 fwlab kernel: unknown: <PNP0c01> can't assign resources
(memory)
May 26 20:13:01 fwlab kernel: unknown: <PNP0303> can't assign resources
(port)
May 26 20:13:01 fwlab kernel: speaker0: <PC speaker> at port 0x61
pnpid PNP0800 on isa0
May 26 20:13:01 fwlab kernel: unknown: <PNP0501> can't assign resources
(port)
May 26 20:13:01 fwlab kernel: unknown: <PNP0400> can't assign resources
(port)
May 26 20:13:01 fwlab kernel: unknown: <PNP0700> can't assign resources
(port)
May 26 20:13:01 fwlab kernel: unknown: <PNP0f13> can't assign resources
(irq)
May 26 20:13:01 fwlab kernel: Timecounter "TSC" frequency 946650405 Hz
quality 800
May 26 20:13:01 fwlab kernel: Timecounters tick every 1.000 msec
May 26 20:13:01 fwlab kernel: Fast IPsec: Initialized Security
Association Processing.
May 26 20:13:01 fwlab kernel: hptrr: no controller detected.
May 26 20:13:01 fwlab kernel: ad0: 19470MB <MAXTOR 4K020H1 A08.1500>
at ata0-master PIO4
May 26 20:13:01 fwlab kernel: acd0: CDROM <ATAPI-CD
ROM-DRIVE-56MAX/Ver 56CD> at ata1-master PIO4
May 26 20:13:01 fwlab kernel: Trying to mount root from ufs:/dev/ad0s1a
May 26 20:13:01 fwlab kernel: dc0: link state changed to UP
May 26 20:13:01 fwlab php: : foreach if is lan
May 26 20:13:01 fwlab php: : foreach if is wan
May 26 20:13:01 fwlab kernel: bridge0: Ethernet address: e2:20:2d:e0:a6:f5
May 26 20:13:01 fwlab php: : An error occurred while trying to obtain
the MTU setting for dc0. Using 1500.
May 26 20:13:01 fwlab php: : An error occurred while trying to obtain
the MTU setting for sis0. Using 1500.
May 26 20:13:02 fwlab kernel: dc0: promiscuous mode enabled
May 26 20:13:02 fwlab kernel: sis0: promiscuous mode enabled
May 26 20:13:02 fwlab kernel: sis0: link state changed to UP
May 26 20:13:02 fwlab kernel: rl0: link state changed to DOWN
May 26 20:13:03 fwlab kernel: pflog0: promiscuous mode enabled
May 26 20:13:03 fwlab php: : SQUID is installed but not started. Not
installing redirect rules.
May 26 20:13:03 fwlab php: : SQUID is installed but not started. Not
installing redirect rules.
May 26 20:13:03 fwlab pftpx[369]: listening on 127.0.0.1 port 8021
May 26 20:13:03 fwlab pftpx[369]: listening on 127.0.0.1 port 8021
May 26 20:13:09 fwlab php: : NOTE: DHCP Server on LAN is enabled.
May 26 20:13:09 fwlab dhcpd: Internet Systems Consortium DHCP Server V3.0.5
May 26 20:13:09 fwlab dhcpd: Copyright 2004-2006 Internet Systems
Consortium.
May 26 20:13:09 fwlab dhcpd: All rights reserved.
May 26 20:13:09 fwlab dhcpd: For info, please visit
http://www.isc.org/sw/dhcp/
May 26 20:13:09 fwlab dnsmasq[472]: started, version 2.45 cachesize 150
May 26 20:13:09 fwlab dnsmasq[472]: compile time options: IPv6
GNU-getopt BSD-bridge ISC-leasefile no-DBus n o-I18N
TFTP
May 26 20:13:09 fwlab dnsmasq[472]: reading /etc/resolv.conf
May 26 20:13:09 fwlab dnsmasq[472]: using nameserver 200.199.201.23#53
May 26 20:13:09 fwlab dnsmasq[472]: using nameserver 200.199.252.68#53
May 26 20:13:09 fwlab dnsmasq[472]: read /etc/hosts - 2 addresses
May 26 20:13:12 fwlab php: : SQUID is installed but not started. Not
installing redirect rules.
May 26 20:13:12 fwlab php: : SQUID is installed but not started. Not
installing redirect rules.
May 26 20:13:13 fwlab php: : Creating rrd update script
May 26 20:13:14 fwlab php: : NOTE: DHCP Server on LAN is enabled.
May 26 20:13:14 fwlab dhcpd: Internet Systems Consortium DHCP Server V3.0.5
May 26 20:13:14 fwlab dhcpd: Copyright 2004-2006 Internet Systems
Consortium.
May 26 20:13:14 fwlab dhcpd: All rights reserved.
May 26 20:13:14 fwlab dhcpd: For info, please visit
http://www.isc.org/sw/dhcp/
May 26 20:13:15 fwlab php: : Resyncing configuration for all packages.
May 26 20:13:11 fwlab php: : Reloading Squid for configuration sync
May 26 20:13:12 fwlab last message repeated 6 times
May 26 20:13:12 fwlab php: : The Backup package is missing required
dependencies and must be reinstalled.
May 26 20:13:12 fwlab php: : The Backup package is missing required
dependencies and must be reinstalled.
May 26 20:13:13 fwlab php: : The Cron package is missing required
dependencies and must be reinstalled.
May 26 20:13:13 fwlab php: : The Cron package is missing required
dependencies and must be reinstalled.
May 26 20:13:13 fwlab squid[879]: Squid Parent: child process 881 started
May 26 20:13:14 fwlab check_reload_status: check_reload_status is starting
May 26 20:13:16 fwlab login: login on ttyv0 as root
May 26 20:13:16 fwlab sshlockout[948]: sshlockout starting up
May 26 20:13:16 fwlab sshlockout[948]: sshlockout starting up
May 26 20:13:18 fwlab Squid_Alarm[961]: Squid has exited. Reconfiguring
filter.
May 26 20:13:18 fwlab Squid_Alarm[963]: Attempting restart...
May 26 20:13:18 fwlab squid[970]: Squid Parent: child process 973 started
May 26 20:13:21 fwlab Squid_Alarm[1027]: Reconfiguring filter...
May 26 20:13:23 fwlab Squid_Alarm[1110]: Squid has resumed.
Reconfiguring filter.
May 26 20:15:15 fwlab php: /ifstats.php: [DEBUG] Lock recursion detected.
May 26 20:15:19 fwlab php: /sajax/index.sajax.php: [DEBUG] Lock
recursion detected.
May 26 20:15:28 fwlab php: /pkg_edit.php: Reloading Squid for configuration
sync
May 26 20:15:30 fwlab check_reload_status: reloading filter
May 26 20:20:57 fwlab check_reload_status: reloading filter
May 26 20:33:41 fwlab kernel: dc0: link state changed to DOWN
May 26 20:34:26 fwlab kernel: dc0: link state changed to UP
May 26 20:34:30 fwlab check_reload_status: rc.linkup starting
May 26 21:13:18 fwlab php: : New alert found: pfSense has started
creating your SSH keys. SSH Startup will be delayed.
Please note that reloading the filter rules and changes will be
delayed until this operation is completed.
May 26 21:13:22 fwlab php: : New alert found: pfSense has completed
creating your SSH keys. SSH is now star ted.
May 26 21:13:23 fwlab sshd[19360]: Server listening on :: port 22.
May 26 21:13:23 fwlab sshd[19360]: Server listening on 0.0.0.0 port 22.
May 26 21:38:34 fwlab sshd[26133]: Invalid user rudinei from 20.1.0.50
May 26 21:38:34 fwlab sshd[26133]: Failed none for invalid user
rudinei from 20.1.0.50 port 4077 ssh2
May 26 21:38:37 fwlab sshd[26133]: error: PAM: authentication error
for illegal user rudinei from 20.1.0.50
May 26 21:38:37 fwlab sshd[26133]: error: PAM: authentication error
for illegal user rudinei from 20.1.0.50
May 26 21:38:37 fwlab sshd[26133]: Failed keyboard-interactive/pam for
invalid user rudinei from 20.1.0.50 p ort 4077 ssh2
May 26 21:38:44 fwlab sshd[26133]: error: PAM: authentication error
for illegal user rudinei from 20.1.0.50
May 26 21:38:44 fwlab sshd[26133]: Failed keyboard-interactive/pam for
invalid user rudinei from 20.1.0.50 p ort 4077 ssh2
May 26 21:38:54 fwlab sshd[26198]: Accepted keyboard-interactive/pam
for root from 20.1.0.50 port 4078 ssh2
May 26 21:38:44 fwlab sshd[26133]: error: PAM: authentication error
for illegal user rudinei from 20.1.0.50
-------------------------------------------------------------
Rudinei Dias
-------------------------
Histórico: http://www.fug.com.br/historico/html/freebsd/
Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
__________ Information from ESET Smart Security, version of virus signature
database 4108 (20090527) __________
The message was checked by ESET Smart Security.
http://www.eset.com
-------------------------
Histórico: http://www.fug.com.br/historico/html/freebsd/
Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
