2.0 RC1 CPU at 100% after 1-4 days

eri--

Its /var/etc/inetd.conf and not /etc/inetd.conf.

Can you be more clear is it working or not?

Coinbird

Ahh, right- the nc lines are indeed in /var/etc/inetd.conf.

Saturday's build died on me today, seemingly right after I added the aliases back to my NAT rules. I tried updating to a new build but it seems to have picked up the one dated Mar 24. I'll try updating again today shortly.

So, yes I'm still seeing the same problem, but will need to sort out the update before I can reproduce it again.

aijosh

I seem to be experiencing the same (or a similar) issue.

The patch here seems to be in my version, I'm running RC1 snapshot built on 3/25
https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/650b573bd8a435449178385a2d132f7f0002d309

Had no issues with the 3/12 snapshot I was running before this.

Here's a sampling from ps:

root   34705  5.3  0.1  3436  1576  ??  Rs    1:49PM   4:53.07 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   37229  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   37346  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   37677  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   37760  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   38084  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   38350  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   38514  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   38535  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   38737  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   39078  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   39142  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   39401  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   39438  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   39565  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   39721  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   39981  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root   40075  5.3  0.1  3436  1576  ??  R     3:20PM   0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
nobody 19426  5.2  0.1  3344  1076  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
nobody 20394  5.2  0.0  1888   476  ??  Rs    3:20PM   0:00.00 nc -u -w 2000 Array 53
root   21785  5.2  0.1  3436  1596  ??  R     3:20PM   0:00.00 inetd: wrapping (inetd)
nobody 22002  5.2  0.1  3344  1072  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
nobody 22322  5.2  0.0  2320   880  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
nobody 22569  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
nobody 22650  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
root   22891  5.2  0.1  3436  1588  ??  R     3:20PM   0:00.00 inetd: wrapping (inetd)
nobody 23050  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
nobody 23175  5.2  0.1  3344  1148  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
nobody 23207  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
root   23414  5.2  0.1  3436  1592  ??  R     3:20PM   0:00.00 inetd: wrapping (inetd)
nobody 23557  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
nobody 23785  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
root   23925  5.2  0.1  3436  1588  ??  R     3:20PM   0:00.00 inetd: wrapping (inetd)
nobody 24162  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
nobody 24456  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
root   25449  5.2  0.1  3436  1584  ??  R     3:20PM   0:00.00 inetd: wrapping (inetd)
nobody 25886  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
nobody 26097  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
nobody 26161  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
nobody 26442  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
nobody 26763  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53
nobody 27273  5.2  0.1  3344  1144  ??  Rs    3:20PM   0:00.01 nc -u -w 2000 Array 53

Here is my /var/etc/inetd.conf

tftp-proxy      dgram   udp     wait            root    /usr/libexec/tftp-proxy tftp-proxy -v
19000   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.67 25
19001   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.67 53
19001   dgram   udp     nowait/0        nobody  /usr/bin/nc     nc -u -w 2000 Array 53
19002   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.67 636
19003   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.63 80
19004   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.63 443
19005   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.45 22
19006   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.45 80
19007   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.45 443
19008   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.40 22
19009   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.40 80
19010   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.40 443
19011   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.41 80
19012   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.41 443
19013   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.62 22
19014   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.62 80
19015   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.62 443
19016   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.69 80
19017   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.69 443
19018   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.69 3389
19019   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.49 80
19020   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.49 443
19021   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.20 22
19022   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.20 9996
19023   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.43 80
19024   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.43 443
19025   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.64 80
19026   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.64 443
19027   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.61 22
19028   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.61 80
19029   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.61 443
19030   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.2 443
19031   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.2 4125
19032   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.64 22
19033   stream  tcp     nowait/0        nobody  /usr/bin/nc     nc -w 2000 192.168.1.63 22

aijosh

OK, well I was able to fix my problem by turning off NAT reflection on the rule that was causing the weird line in /var/etc/inetd.conf

The problem was caused by a single NAT rule, tcp/udp forwarding port 53 to an internal server. Didn't need NAT reflection on that rule anyway.

clarknova

2.0-RC1 (amd64)
built on Sat Mar 26 00:18:39 EDT 2011

I just updated and saw the same thing here. I disabled NAT reflection and things quickly settled down, although I'm left with 3 zombie processes.

eri--

Can i have the port forward rules from one of you to try to replicate locally?

aijosh

Add any simple port forward with TCP/UDP as the protocol. I just changed an SSH forward from TCP to TCP/UDP and got this in /var/etc/inetd.conf:

19032  dgram  udp    nowait/0        nobody  /usr/bin/nc    nc -u -w 2000 Array 22

All my TCP only NAT rules are fine with reflection turned on. I haven't tested UDP only rules.

clarknova

@ermal:

Can i have the port forward rules from one of you to try to replicate locally?

Do you want a screen shot of the page, or some specific file?

eri--

Well i am more interested in the config.xml side of it to have locally.
So the config.xml part for this rule/port forward and the alias contents.

clarknova

This is my nat.xml and aliases.xml zipped. You'll have to change the extension.

nat.png