High CPU Usage after upgrading to 22.05
-
@tohil said in High CPU Usage after upgrading to 22.05:
@fireodo
https://forum.netgate.com/topic/156604/pfblockerng-vs-pfblockerng-devel/7It seems I have to update and go to the devel version on all my installs...
That would (from my point of view) be a good move ...
(as far I recall, there should be no problems and all your settings are preserved - but BACKUP is allways recommended ) -
@mike-moon said in High CPU Usage after upgrading to 22.05:
I removed the bracket between the two quotes but did not replace that bracket by a space as required
I made the same mistake doing the patch by hand - hehehe
Yup what a difference.
I was thinking that "fix" didn't seem to do much.. Then as you can see from graph after putting in the space between the 's cpu util dropped off to normal, and yup did see a couple of degrees difference in the temp as well.
-
@johnpoz Johnpoz, can you give a "how to for idiots" on changing the script?
I've never changed the script file and not sure how to do it e.g. What software (Putty?/Text Editor, etc) and where do I go to change it.Sorry, I'm a newbie at this.
-
@frankzappa
Hiconnect to your pfsense via putty.
enter the following
vi /usr/local/pkg/pfblockerng/pfblockerng.inc
Then press "ESC" followed by ":" enter line number 4139
cursor jumps to the line.
go to the part to change, like the e of explode. press ESX followed by x. this removes char by char. delete all behind the e until then ;
$r = ;
then copy the new part
explode(' ', $result, 2)
Press ESC and I
then paste it with right click.
ESC / wq to save
reboot
hope this helps
-
Just do it from the pfSense GUI.
In the Diagnostics menu, go to Edit File
Type (or copy/paste) /usr/local/pkg/pfblockerng/pfblockerng.inc into the "Path of file to be edited" box and click "Load"
Type 4139 in the "Go to line #" box just below that and to the right, then click the button.
Make the edit (change the '?' to ' ' ensuring to make a space between the single quotes)
Click the "Save" button.
-
@sretalla Thanks folks, that seemed to work (using Edit File from GUI). Didn't know there was a GUI option to do that (although I'm familiar with Putty as well). Thanks for the help.
-
@frankzappa Update: Everything working Great! CPU usage is way down as well as temps.. This was an awesome fix!
As an aside: Holy Cow! You have to be pretty good at coding to find that error. Some smart dudes figured that one out. I'm not one of them!!! -
I noticed the "pfBlockerNG DNSBL service" was stopped after rebooting. I was able to start it from the dashboard. Just thought I'd mention it.
BTW, a reboot was required to get the CPU down. Restarting the pfBlocker services wasn't enough.
Edit: I think I spoke too soon:
CPU Activity last pid: 9211; load averages: 1.54, 0.92, 0.51 up 0+00:18:07 12:10:32 526 threads: 6 running, 490 sleeping, 30 waiting CPU: 10.2% user, 0.1% nice, 10.1% system, 0.4% interrupt, 79.1% idle Mem: 487M Active, 149M Inact, 476M Wired, 2701M Free ARC: 185M Total, 57M MFU, 123M MRU, 565K Anon, 1030K Header, 4060K Other 73M Compressed, 205M Uncompressed, 2.82:1 Ratio PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND 44959 root 102 0 30M 19M RUN 0 1:59 96.58% /usr/local/sbin/lighttpd_pfb -f /var/unbound/pfb_dnsbl_lighty.conf 11 root 155 ki31 0B 32K RUN 0 14:20 31.59% [idle{idle: cpu0}] 45117 root 42 0 60M 41M RUN 0 0:35 30.47% /usr/local/bin/php -f /usr/local/pkg/pfblockerng/pfblockerng.inc index 11 root 155 ki31 0B 32K RUN 1 14:20 24.37% [idle{idle: cpu1}] 12 root -84 - 0B 480K WAIT 0 0:08 4.59% [intr{irq16: uart0+}] 0 root -76 - 0B 528K - 1 0:08 1.56% [kernel{if_io_tqg_1}] 0 root -76 - 0B 528K - 0 0:06 1.27% [kernel{if_io_tqg_0}] 23 root -16 - 0B 16K mmcsd 1 0:02 0.88% [mmcsd0: mmc/sd card] 45086 root 20 0 61M 41M piperd 0 0:01 0.29% /usr/local/bin/php -f /usr/local/pkg/pfblockerng/pfblockerng.inc dnsbl 12762 root 20 0 415M 360M bpf 0 0:06 0.20% /usr/local/bin/snort -R _51743 -D -q --suppress-config-log --daq pcap --daq-mode passive --treat-drop-as-alert -l /var/log/snort/snort_ix351743 --pid-path /var/run --nolock-pidfile --no-interface-pidfile -G 51743 -c /usr/local/etc/snort/snort_51743_ix3/snort.conf -i ix3{snort} 32 root -16 - 0B 5088K - 0 0:01 0.20% [zpool-pfSense{zio_write_issue_hig}] 383 root 22 0 132M 46M piperd 1 0:06 0.10% php-fpm: pool nginx (php-fpm) 0 root -16 - 0B 528K swapin 0 0:24 0.00% [kernel{swapper}] 68621 root 20 0 29M 9232K kqread 0 0:08 0.00% nginx: worker process (nginx) 68836 root 20 0 28M 8616K kqread 1 0:08 0.00% nginx: worker process (nginx) 382 root 52 0 132M 46M accept 1 0:06 0.00% php-fpm: pool nginx (php-fpm) 60893 unbound 20 0 90M 70M kqread 1 0:05 0.00% /usr/local/sbin/unbound -c /var/unbound/unbound.conf{unbound} 35420 root 52 0 132M 45M accept 0 0:04 0.00% php-fpm: pool nginx (php-fpm) 0 root -76 - 0B 528K - 1 0:02 0.00% [kernel{if_config_tqg_0}] 32 root -12 - 0B 5088K - 0 0:02 0.00% [zpool-pfSense{zio_write_issue}] 60893 unbound 20 0 90M 70M kqread 0 0:01 0.00% /usr/local/sbin/unbound -c /var/unbound/unbound.conf{unbound} 14 root -8 - 0B 48K - 0 0:01 0.00% [geom{g_up}] 45749 root 23 0 61M 41M piperd 1 0:01 0.00% /usr/local/bin/php -f /usr/local/pkg/pfblockerng/pfblockerng.inc queries 32 root -8 - 0B 5088K tx->tx 0 0:00 0.00% [zpool-pfSense{txg_thread_enter}] 32 root -16 - 0B 5088K - 1 0:00 0.00% [zpool-pfSense{zio_write_issue_hig}] 12 root -72 - 0B 480K WAIT 1 0:00 0.00% [intr{swi1: netisr 0}] 12 root -60 - 0B 480K WAIT 1 0:00 0.00% [intr{swi4: clock (0)}] 32 root -16 - 0B 5088K - 0 0:00 0.00% [zpool-pfSense{zio_write_intr_high}] 32 root -16 - 0B 5088K - 0 0:00 0.00% [zpool-pfSense{zio_ioctl_intr}] 19 root -16 - 0B 16K pftm 0 0:00 0.00% [pf purge]
-
The patch doesn't seem to be working for me. I have a vanilla pfBlockerNG-devel config and I start getting failed DNS lookups within an hour of starting the service. The patch is applied.
EDIT: The DNS failures are caused by a bug in unbound. There are work-arounds (disable IPv6 or tell unbound to serve expired records). Check out the "Slow DNS after upgrading to 22.05 thread).
-
-
-
-
-
I have also done this. It worked for a while. This morning I'm seeing a high CPU usage 80 - 100% pretty steady. I have edited line 4139 (done through the GUI.. Checked again this morning.
Not sure what is causing the issue. Is there some suggestions? Where do we look to figure out the cause??
Sorry, I'm still learning about this stuff!!
-
@wc2l You used a space not ‘’ without a space?
What does Diagnostics/System Activity show is using the CPU?
-
@steveits
This is what I see
last pid: 62290; load averages: 11.70, 7.34, 3.65 up 0+00:09:39 10:20:43
172 threads: 17 running, 130 sleeping, 3 zombie, 22 waiting
CPU: 71.7% user, 0.4% nice, 9.0% system, 11.2% interrupt, 7.7% idle
Mem: 270M Active, 123M Inact, 184M Wired, 84M Buf, 1413M FreePID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND
11 root -92 - 0B 176K WAIT 1 2:02 22.56% [intr{mpic0: mvneta1}]
91799 root 77 0 12M 9428K RUN 0 1:13 18.55% bzip2 -f /var/log/filter.log.4
48221 root 77 0 12M 9428K RUN 0 1:06 16.36% bzip2 -f /var/log/filter.log.1
90826 root 76 0 12M 9436K RUN 0 1:28 16.26% bzip2 -f /var/log/filter.log.0
27457 root 76 0 12M 9424K RUN 1 0:54 15.77% bzip2 -f /var/log/filter.log.5
59023 root 77 0 12M 9424K RUN 0 0:39 15.77% bzip2 -f /var/log/filter.log.6
99841 root 76 0 12M 9420K RUN 1 0:28 15.58% bzip2 -f /var/log/filter.log.2
9059 root 76 0 12M 9420K RUN 1 0:16 15.38% bzip2 -f /var/log/filter.log.3
24701 root 76 0 12M 9420K RUN 1 0:07 15.28% bzip2 -f /var/log/filter.log.4
95077 root 76 0 12M 9420K RUN 1 0:18 14.89% bzip2 -f /var/log/filter.log.0
23459 root 74 0 10M 7216K RUN 0 0:35 7.37% /usr/local/sbin/lighttpd_pfb -f /var/unbound/pfb_dnsbl_lighty.conf
41621 root 24 0 5760K 3124K CPU0 0 0:38 7.08% /usr/local/sbin/filterlog -i pflog0 -p /var/run/filterlog.pid
75977 root 23 0 4960K 2516K RUN 0 0:30 6.69% /usr/sbin/syslogd -s -c -c -l /var/dhcpd/var/run/log -P /var/run/syslog.pid -f /etc/syslog.conf
17203 root 21 0 4264K 1980K kqread 0 0:07 1.46% /usr/bin/tail_pfb -n0 -F /var/log/filter.log
31587 root 52 20 5068K 2268K wait 0 0:00 1.37% /bin/sh /var/db/rrd/updaterrd.sh
61507 root 52 20 4156K 1896K nanslp 0 0:00 1.37% sleep 60
21187 root 21 0 4264K 1980K RUN 1 0:07 1.27% /usr/bin/tail_pfb -n0 -F /var/log/filter.log
21355 root 20 0 49M 32M piperd 1 0:07 1.17% /usr/local/bin/php_pfb -f /usr/local/pkg/pfblockerng/pfblockerng.inc filterlog
17389 root 21 0 49M 31M RUN 0 0:07 1.17% /usr/local/bin/php_pfb -f /usr/local/pkg/pfblockerng/pfblockerng.inc filterlog
24089 root 21 0 49M 32M piperd 0 0:09 0.88% /usr/local/bin/php -f /usr/local/pkg/pfblockerng/pfblockerng.inc index
59075 root 24 0 121M 36M piperd 0 0:06 0.78% php-fpm: pool nginx (php-fpm)
10 root 155 ki31 0B 16K RUN 0 0:45 0.00% [idle{idle: cpu0}]
10 root 155 ki31 0B 16K RUN 1 0:44 0.00% [idle{idle: cpu1}]
82381 unbound 20 0 120M 104M kqread 1 0:11 0.00% /usr/local/sbin/unbound -c /var/unbound/unbound.conf{unbound}
386 root 52 0 121M 37M accept 0 0:06 0.00% php-fpm: pool nginx (php-fpm)
385 root 52 0 121M 38M accept 0 0:05 0.00% php-fpm: pool nginx (php-fpm)
11 root -92 - 0B 176K WAIT 1 0:04 0.00% [intr{mpic0: mvneta2}]
73132 root 52 0 121M 36M accept 0 0:03 0.00% php-fpm: pool nginx (php-fpm)
82381 unbound 20 0 120M 104M kqread 1 0:03 0.00% /usr/local/sbin/unbound -c /var/unbound/unbound.conf{unbound}
23861 root 20 0 49M 32M piperd 0 0:01 0.00% /usr/local/bin/php -f /usr/local/pkg/pfblockerng/pfblockerng.inc dnsbl
0 root -16 - 0B 144K swapin 1 0:01 0.00% [kernel{swapper}]
11 root -60 - 0B 176K WAIT 1 0:01 0.00% [intr{swi4: clock (0)}]
92254 root 20 0 22M 7956K kqread 1 0:01 0.00% nginx: worker process (nginx)
26 root -16 - 0B 8192B mmcsd 1 0:01 0.00% [mmcsd0: mmc/sd card]
11 root -80 - 0B 176K WAIT 0 0:01 0.00% [intr{gic0,s25:-dhci_fdt0}]
8 root -16 - 0B 8192B pftm 0 0:01 0.00% [pf purge]
13 root -8 - 0B 24K - 0 0:00 0.00% [geom{g_up}]
18 root 20 - 0B 24K sdflus 1 0:00 0.00% [bufdaemon{/ worker}]
16 root -16 - 0B 24K psleep 0 0:00 0.00% [pagedaemon{dom0}]
4131 dhcpd 20 0 13M 8760K select 0 0:00 0.00% /usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot /var/dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid mvneta1 mvneta1.3
91654 root 20 0 11M 5604K select 1 0:00 0.00% /usr/local/sbin/ntpd -g -c /var/etc/ntpd.conf -p /var/run/ntpd.pid{ntpd}
15 root -16 - 0B 8192B mx25jq 0 0:00 0.00% [task: mx25l flash]
60302 root 20 0 5204K 2276K nanslp 0 0:00 0.00% /usr/local/bin/dpinger -S -r 0 -i WAN_DHCP -B 67.248.235.52 -p /var/run/dpinger_WAN_DHCP~67.248.235.52~67.248.224.1.pid -u /var/run/dpinger_WAN_DHCP~67.248.235.52~67.248.224.1.sock -C /etc/rc.gateway_alarm -d 1 -s 500 -l 2000 -t 60000 -A 1000 -D 500 -L 20 67.248.224.1{dpinger}
0 root -76 - 0B 144K - 0 0:00 0.00% [kernel{softirq_0}]
0 root -76 - 0B 144K - 1 0:00 0.00% [kernel{softirq_1}]
5 root -16 - 0B 16K - 1 0:00 0.00% [cam{doneq0}]
9 root -16 - 0B 8192B - 0 0:00 0.00% [rand_harvestq]
6 root -16 - 0B 8192B e6000s 1 0:00 0.00% [e6000sw tick kproc]
20 root 16 - 0B 8192B syncer 0 0:00 0.00% [syncer]
384 root 20 0 91M 22M kqread 0 0:00 0.00% php-fpm: master process (/usr/local/lib/php-fpm.conf) (php-fpm)
60302 root 20 0 5204K 2276K sbwait 0 0:00 0.00% /usr/local/bin/dpinger -S -r 0 -i WAN_DHCP -B 67.248.235.52 -p /var/run/dpinger_WAN_DHCP~67.248.235.52~67.248.224.1.pid -u /var/run/dpinger_WAN_DHCP~67.248.235.52~67.248.224.1.sock -C /etc/rc.gateway_alarm -d 1 -s 500 -l 2000 -t 60000 -A 1000 -D 500 -L 20 67.248.224.1{dpinger}
1 root 20 0 3260K 764K wait 1 0:00 0.00% [init]
11 root -52 - 0B 176K WAIT 0 0:00 0.00% [intr{swi6: Giant taskq}]
92567 root 20 0 20M 6776K kqread 1 0:00 0.00% nginx: worker process (nginx)
13 root -8 - 0B 24K - 0 0:00 0.00% [geom{g_event}]
18 root 20 - 0B 24K - 1 0:00 0.00% [bufdaemon{bufspacedaemon-0}]
11 root -52 - 0B 176K WAIT 0 0:00 0.00% [intr{swi6: task queue}]
14 root -68 - 0B 80K - 0 0:00 0.00% [usb{usbus1}]
0 root 8 - 0B 144K - 1 0:00 0.00% [kernel{thread taskq}]
14 root -68 - 0B 80K - 0 0:00 0.00% [usb{usbus0}]
27290 root 24 0 4568K 2208K wait 0 0:00 0.00% /usr/sbin/newsyslog
24573 root 23 0 4568K 2208K wait 1 0:00 0.00% /usr/sbin/newsyslog
40861 root 20 0 9736K 5988K select 1 0:00 0.00% /usr/local/sbin/openvpn --config /var/etc/openvpn/server1/config.ovpn{openvpn}
14629 root 20 0 4572K 2212K wait 1 0:00 0.00% /usr/sbin/newsyslog
64580 root 52 0 4568K 2208K wait 1 0:00 0.00% /usr/sbin/newsyslog
99605 root 24 0 4568K 2208K wait 0 0:00 0.00% /usr/sbin/newsyslog
73119 root 29 0 4992K 2576K wait 1 0:00 0.00% /bin/sh /usr/local/sbin/sshguard -i /var/run/sshguard.pid
60302 root 20 0 5204K 2276K nanslp 1 0:00 0.00% /usr/local/bin/dpinger -S -r 0 -i WAN_DHCP -B 67.248.235.52 -p /var/run/dpinger_WAN_DHCP~67.248.235.52~67.248.224.1.pid -u /var/run/dpinger_WAN_DHCP~67.248.235.52~67.248.224.1.sock -C /etc/rc.gateway_alarm -d 1 -s 500 -l 2000 -t 60000 -A 1000 -D 500 -L 20 67.248.224.1{dpinger}
71805 root 31 0 4572K 2212K wait 1 0:00 0.00% /usr/sbin/newsyslog
58710 root 22 0 4568K 2208K wait 1 0:00 0.00% /usr/sbin/newsyslog
424 root 41 20 4936K 2452K kqread 1 0:00 0.00% /usr/local/sbin/check_reload_status
30189 root 52 0 5044K 2568K wait 0 0:00 0.00% login [pam] (login)
91714 root 23 0 4568K 2208K wait 0 0:00 0.00% /usr/sbin/newsyslog
90801 root 23 0 4848K 2272K nanslp 1 0:00 0.00% /usr/sbin/cron -s
11 root -72 - 0B 176K WAIT 1 0:00 0.00% [intr{swi1: netisr 0}]
22745 _dhcp 20 0 4972K 2328K select 0 0:00 0.00% dhclient: mvneta2 (dhclient)
8956 root 21 0 4568K 2208K wait 1 0:00 0.00% /usr/sbin/newsyslog
30746 root 52 0 5372K 2700K wait 0 0:00 0.00% -sh (sh)
5 root -16 - 0B 16K - 0 0:00 0.00% [cam{scanner}]
62290 root 25 0 6044K 2864K CPU1 1 0:00 0.00% /usr/bin/top -baHS 999
706 root 20 0 3660K 1100K select 0 0:00 0.00% /sbin/devd -q -f /etc/pfSense-devd.conf
32196 root 52 0 4908K 2568K ttyin 0 0:00 0.00% /bin/sh /etc/rc.initial
41832 root -52 r0 4288K 4312K nanslp 1 0:00 0.00% /usr/sbin/watchdogd -t 128
73851 root 29 0 5200K 2368K piperd 1 0:00 0.00% /usr/local/libexec/sshg-blocker{sshg-blocker}
13 root -8 - 0B 24K - 1 0:00 0.00% [geom{g_down}]
73572 root 27 0 11M 4028K piperd 0 0:00 0.00% /usr/local/libexec/sshg-parser
18 root -16 - 0B 24K psleep 0 0:00 0.00% [bufdaemon{bufdaemon}]
74219 root 42 0 4920K 2544K piperd 0 0:00 0.00% /bin/sh /usr/local/libexec/sshg-fw-pf
19 root -16 - 0B 8192B vlruwt 0 0:00 0.00% [vnlru]
16 root -16 - 0B 24K umarcl 0 0:00 0.00% [pagedaemon{uma}]
73456 root 26 0 4200K 1912K piperd 1 0:00 0.00% /bin/cat
60302 root 20 0 5204K 2276K accept 1 0:00 0.00% /usr/local/bin/dpinger -S -r 0 -i WAN_DHCP -B 67.248.235.52 -p /var/run/dpinger_WAN_DHCP~67.248.235.52~67.248.224.1.pid -u /var/run/dpinger_WAN_DHCP~67.248.235.52~67.248.224.1.sock -C /etc/rc.gateway_alarm -d 1 -s 500 -l 2000 -t 60000 -A 1000 -D 500 -L 20 67.248.224.1{dpinger}
92131 root 29 0 20M 6304K pause 1 0:00 0.00% nginx: master process /usr/local/sbin/nginx -c /var/etc/nginx-webConfigurator.conf (nginx)
11 root -72 - 0B 176K WAIT 0 0:00 0.00% [intr{swi1: netisr 1}]
11 root -76 - 0B 176K WAIT 1 0:00 0.00% [intr{swi0: uart uart}]
11 root -88 - 0B 176K WAIT 0 0:00 0.00% [intr{gic0,s26: ahci0}]
14 root -68 - 0B 80K - 1 0:00 0.00% [usb{usbus1}]
58244 root 21 0 4848K 2276K piperd 1 0:00 0.00% cron: running job (cron)
17110 root 25 0 12M 6544K select 0 0:00 0.00% sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups (sshd)
14313 root 20 0 5108K 2280K piperd 1 0:00 0.00% cron: running job (cron)
60302 root 52 0 5204K 2276K uwait 0 0:00 0.00% /usr/local/bin/dpinger -S -r 0 -i WAN_DHCP -B 67.248.235.52 -p /var/run/dpinger_WAN_DHCP~67.248.235.52~67.248.224.1.pid -u /var/run/dpinger_WAN_DHCP~67.248.235.52~67.248.224.1.sock -C /etc/rc.gateway_alarm -d 1 -s 500 -l 2000 -t 60000 -A 1000 -D 500 -L 20 67.248.224.1{dpinger}
71304 root 20 0 5108K 2280K piperd 1 0:00 0.00% cron: running job (cron)
64325 root 20 0 5108K 2280K piperd 1 0:00 0.00% cron: running job (cron)
16209 root 4 0 4900K 2224K select 1 0:00 0.00% dhclient: mvneta2 [priv] (dhclient)
426 root 52 20 4896K 2300K kqread 0 0:00 0.00% check_reload_status: Monitoring daemon of check_reload_status (check_reload_status)
8672 root 20 0 4848K 2276K piperd 0 0:00 0.00% cron: running job (cron)
91026 root 21 0 4848K 2276K piperd 0 0:00 0.00% cron: running job (cron)
99406 root 20 0 4848K 2276K piperd 0 0:00 0.00% cron: running job (cron)
23892 root 20 0 4848K 2276K piperd 0 0:00 0.00% cron: running job (cron)
11 root -80 - 0B 176K WAIT 0 0:00 0.00% [intr{gic0,s2: twsi0}]
26616 root 20 0 4848K 2276K piperd 1 0:00 0.00% cron: running job (cron)
76887 root 20 0 4296K 1944K nanslp 0 0:00 0.00% minicron: helper /usr/local/bin/ping_hosts.sh (minicron)
76896 root 52 0 4272K 1936K wait 0 0:00 0.00% /usr/local/bin/minicron 300 /var/run/ipsec_keepalive.pid /usr/local/bin/ipsec_keepalive.php
77935 root 52 0 4272K 1936K wait 0 0:00 0.00% /usr/local/bin/minicron 86400 /var/run/update_alias_url_data.pid /usr/local/sbin/fcgicli -f /etc/rc.update_alias_url_data
76533 root 52 0 4272K 1936K wait 1 0:00 0.00% /usr/local/bin/minicron 240 /var/run/ping_hosts.pid /usr/local/bin/ping_hosts.sh
77372 root 52 0 4272K 1936K wait 0 0:00 0.00% /usr/local/bin/minicron 3600 /var/run/expire_accounts.pid /usr/local/sbin/fcgicli -f /etc/rc.expireaccounts
77251 root 34 0 4292K 1940K nanslp 1 0:00 0.00% minicron: helper /usr/local/bin/ipsec_keepalive.php (minicron)
77712 root 52 0 4292K 1940K nanslp 1 0:00 0.00% minicron: helper /usr/local/sbin/fcgicli -f /etc/rc.expireaccounts (minicron)
78196 root 52 0 4296K 1944K nanslp 0 0:00 0.00% minicron: helper /usr/local/sbin/fcgicli -f /etc/rc.update_alias_url_data (minicron)
74018 root 29 0 4992K 2572K wait 1 0:00 0.00% /bin/sh /usr/local/sbin/sshguard -i /var/run/sshguard.pid
23 root -16 - 0B 8192B - 1 0:00 0.00% [soaiod2]
24 root -16 - 0B 8192B - 1 0:00 0.00% [soaiod3]
22 root -16 - 0B 8192B - 0 0:00 0.00% [soaiod1]
25 root -16 - 0B 8192B - 1 0:00 0.00% [soaiod4]
73851 root 20 0 5200K 2368K nanslp 0 0:00 0.00% /usr/local/libexec/sshg-blocker{sshg-blocker}
27 root -16 - 0B 8192B mmcsd 0 0:00 0.00% [mmcsd0boot0: mmc/sd]
28 root -16 - 0B 8192B mmcsd 0 0:00 0.00% [mmcsd0boot1: mmc/sd]
7 root -16 - 0B 8192B waitin 1 0:00 0.00% [sctp_iterator]
0 root 8 - 0B 144K - 1 0:00 0.00% [kernel{inm_free taskq}]
11 root -72 - 0B 176K WAIT 0 0:00 0.00% [intr{swi1: pf send}]
40861 root 52 0 9736K 5988K kqread 0 0:00 0.00% /usr/local/sbin/openvpn --config /var/etc/openvpn/server1/config.ovpn{openvpn}
0 root -8 - 0B 144K - 0 0:00 0.00% [kernel{CAM taskq}]
0 root -92 - 0B 144K - 0 0:00 0.00% [kernel{mvneta0: tx_taskq(0}]
16 root -16 - 0B 24K launds 0 0:00 0.00% [pagedaemon{laundry: dom0}]
0 root 8 - 0B 144K - 1 0:00 0.00% [kernel{firmware taskq}]
0 root -20 - 0B 144K - 1 0:00 0.00% [kernel{crypto_0}]
2 root -16 - 0B 8192B crypto 1 0:00 0.00% [crypto]
0 root -76 - 0B 144K - 0 0:00 0.00% [kernel{if_io_tqg_0}]
0 root -76 - 0B 144K - 1 0:00 0.00% [kernel{if_io_tqg_1}]
12 root -16 - 0B 16K sleep 1 0:00 0.00% [ng_queue{ng_queue1}]
12 root -16 - 0B 16K sleep 1 0:00 0.00% [ng_queue{ng_queue0}]
17 root -16 - 0B 8192B psleep 0 0:00 0.00% [vmdaemon]
21 root -16 - 0B 8192B aldslp 0 0:00 0.00% [ALQ Daemon]
3 root -16 - 0B 8192B crypto 1 0:00 0.00% [crypto returns 0]
0 root -20 - 0B 144K - 1 0:00 0.00% [kernel{crypto_1}]
14 root -68 - 0B 80K - 0 0:00 0.00% [usb{usbus0}]
14 root -68 - 0B 80K - 0 0:00 0.00% [usb{usbus0}]
0 root -92 - 0B 144K - 0 0:00 0.00% [kernel{mvneta1: tx_taskq(0}]
0 root -92 - 0B 144K - 0 0:00 0.00% [kernel{mvneta2: tx_taskq(0}]
0 root 8 - 0B 144K - 0 0:00 0.00% [kernel{aiod_kick taskq}]
0 root 8 - 0B 144K - 0 0:00 0.00% [kernel{kqueue_ctx taskq}]
0 root 8 - 0B 144K - 0 0:00 0.00% [kernel{in6m_free taskq}]
4 root -16 - 0B 8192B crypto 1 0:00 0.00% [crypto returns 1]
14 root -68 - 0B 80K - 0 0:00 0.00% [usb{usbus1}]
14 root -72 - 0B 80K - 0 0:00 0.00% [usb{usbus1}]
14 root -72 - 0B 80K - 0 0:00 0.00% [usb{usbus0}]
14 root -76 - 0B 80K - 0 0:00 0.00% [usb{usbus0}]
14 root -76 - 0B 80K - 0 0:00 0.00% [usb{usbus1}]
0 root -76 - 0B 144K - 0 0:00 0.00% [kernel{if_config_tqg_0}]
11 root -56 - 0B 176K WAIT -1 0:00 0.00% [intr{swi5: fast taskq}]
11 root -60 - 0B 176K WAIT -1 0:00 0.00% [intr{swi4: clock (1)}]
11 root -64 - 0B 176K WAIT -1 0:00 0.00% [intr{swi3: vm}]
11 root -72 - 0B 176K WAIT -1 0:00 0.00% [intr{swi1: pfsync}]
11 root -80 - 0B 176K WAIT -1 0:00 0.00% [intr{gic0,s1: spi0}]
11 root -88 - 0B 176K WAIT -1 0:00 0.00% [intr{gic0,s18: ehci0}]
11 root -88 - 0B 176K WAIT -1 0:00 0.00% [intr{gic0,s17: xhci0}]
11 root -92 - 0B 176K WAIT -1 0:00 0.00% [intr{mpic0: mvneta0}]
11 root -92 - 0B 176K WAIT -1 0:00 0.00% [intr{gic0,s19: cesa0}]
11 root -92 - 0B 176K WAIT -1 0:00 0.00% [intr{gic0,s20: cesa1}] -
@wc2l bzip is the log compression. If you have a slower CPU (or storage) device disable log compression per Netgate. If using ZFS that already compresses anyway.
Alternately check if there is a lot of noise in your logs.
-
@steveits Where is the log compression setting??
I did post an issue with a IPv6 address that is in the firewall logs.
https://forum.netgate.com/topic/174090/ipv6-device-address-but-no-ipv4-to-match-mac
Lots of activity for the IPv6 rule -
@wc2l Status/System Logs/Settings
-