Re: [pfSense] TCPDUMP memory usage?
On 6/13/2012 10:36 AM, Adam Piasecki wrote: 60308 root1 440 831M 826M bpf 0 21.7H 0.00% tcpdump Looks like pfense launched this for pflog0. I have plenty of RAM still but it seems like 831M is a lot for just a log. Can you limit this? I have a CARP setup, with about 1000 users about 200mb/s peak bandwidth. None of my other sites are doing this, but this is the only one i have with CARP. Attached is a RRDGraph of the memory graph. What version of pfSense is that on? I don't recall seeing pflog's tcpdump process each that much RAM since the 1.2 days. I can't find any 2.x boxes that I can login to handily that have more than ~10M in memory used by that process. Jim ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] Dansguardian + Squid = using swap.
Hi. I have the following issue: dansguardian + squid running on my machine. On the status screen from pfSense webgui i see physical RAM is used 24%, but swap is used 9%. Where to look why this happens? Both proxy servers running for ~ 65 days. Thanks for your hints. Greetings Juergen ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] TCPDUMP memory usage?
On 6/13/2012 1:09 PM, Jim Pingle wrote: On 6/13/2012 10:36 AM, Adam Piasecki wrote: 60308 root1 440 831M 826M bpf 0 21.7H 0.00% tcpdump Looks like pfense launched this for pflog0. I have plenty of RAM still but it seems like 831M is a lot for just a log. Can you limit this? I have a CARP setup, with about 1000 users about 200mb/s peak bandwidth. None of my other sites are doing this, but this is the only one i have with CARP. Attached is a RRDGraph of the memory graph. What version of pfSense is that on? I don't recall seeing pflog's tcpdump process each that much RAM since the 1.2 days. I can't find any 2.x boxes that I can login to handily that have more than ~10M in memory used by that process. Jim This is 2.0.1, Everything is working fine, Just had some users call in and said they were having slow speeds during peak times, i don't think this is causing that, just noticed it when looking through everything. The peaks in the graph are when i rebooted the box. Just scared it might eventually run out if I let it go long enough. Adam -- Adam M Piasecki MidAtlanticBroadband Office: 410-727-8250 x 123 Cell: 940-224-4837 Fax: 410-727-8245 ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Dansguardian + Squid = using swap.
Am 13.06.2012 19:19, schrieb J. Echter: Hi. I have the following issue: dansguardian + squid running on my machine. On the status screen from pfSense webgui i see physical RAM is used 24%, but swap is used 9%. Where to look why this happens? Both proxy servers running for ~ 65 days. i forgot to mention, if i restart both proxys swap is used 1%. that indicates to me its coming from proxy usage. cheers. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] failover sync question
I have a pair of firewalls set up with pfsync. pfSense 2.0.1/i386. I'm pushing a lot of connections and traffic, so had to bump the number of states in the Advanced - Firewall/NAT tab. This increased number did not show up on the backup firewall. Ditto for unchecking the disable nat reflection rules, and the optimization option (normal, aggressive, etc.). I have configured everything to sync except the three traffic shaper options and the captive portal, which I don't use. Most things do sync correctly, so I know it is not a communications or password issue. Also, my understanding is that it is supposed to sync the actual state table. Wouldn't that then show up on the backup as a similar number of state entries on the dashboard? I don't see anywhere close to the same number of states on the backup. I did a test of turning off the main firewall and all my connections (ssh) were lost, so it seems to me that this is not functioning. Any ideas on what to try? ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] PFsense setup with Squid + Squidguard
I have PFsense setup with Squid + Squidguard. Squid is redirecting LAN traffic to Squidguard and then to the internet. I need to be able to route clients outside my network through my squidguard and then to the internet. Note that I don't have a static IP address, but I do have Dynamic DNS setup for RDP access. Any help would be greatly appreciated. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] failover sync question
On Wed, Jun 13, 2012 at 2:33 PM, Vick Khera vi...@khera.org wrote: I have a pair of firewalls set up with pfsync. pfSense 2.0.1/i386. I'm pushing a lot of connections and traffic, so had to bump the number of states in the Advanced - Firewall/NAT tab. This increased number did not show up on the backup firewall. Ditto for unchecking the disable nat reflection rules, and the optimization option (normal, aggressive, etc.). SystemAdvanced does not sync. I have configured everything to sync except the three traffic shaper options and the captive portal, which I don't use. Most things do sync correctly, so I know it is not a communications or password issue. Also, my understanding is that it is supposed to sync the actual state table. Wouldn't that then show up on the backup as a similar number of state entries on the dashboard? I don't see anywhere close to the same number of states on the backup. I did a test of turning off the main firewall and all my connections (ssh) were lost, so it seems to me that this is not functioning. You have to enable synchronize states on the secondary too or it won't accept them. FirewallVIPs, CARP settings tab. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list