2.0 RC1 CPU at 100% after 1-4 days
-
It's /var/etc/inetd.conf and not /etc/inetd.conf.
Can you be more clear: is it working or not?
-
Ahh, right- the nc lines are indeed in /var/etc/inetd.conf.
Saturday's build died on me today, seemingly right after I added the aliases back to my NAT rules. I tried updating to a new build but it seems to have picked up the one dated Mar 24. I'll try updating again today shortly.
So, yes I'm still seeing the same problem, but will need to sort out the update before I can reproduce it again.
-
I seem to be experiencing the same (or a similar) issue.
The patch here seems to be in my version, I'm running RC1 snapshot built on 3/25
https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/650b573bd8a435449178385a2d132f7f0002d309
Had no issues with the 3/12 snapshot I was running before this.
Here's a sampling from ps:
root 34705 5.3 0.1 3436 1576 ?? Rs 1:49PM 4:53.07 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 37229 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 37346 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 37677 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 37760 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 38084 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 38350 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 38514 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 38535 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 38737 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 39078 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 39142 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 39401 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 39438 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 39565 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 39721 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 39981 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
root 40075 5.3 0.1 3436 1576 ?? R 3:20PM 0:00.00 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf
nobody 19426 5.2 0.1 3344 1076 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
nobody 20394 5.2 0.0 1888 476 ?? Rs 3:20PM 0:00.00 nc -u -w 2000 Array 53
root 21785 5.2 0.1 3436 1596 ?? R 3:20PM 0:00.00 inetd: wrapping (inetd)
nobody 22002 5.2 0.1 3344 1072 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
nobody 22322 5.2 0.0 2320 880 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
nobody 22569 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
nobody 22650 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
root 22891 5.2 0.1 3436 1588 ?? R 3:20PM 0:00.00 inetd: wrapping (inetd)
nobody 23050 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
nobody 23175 5.2 0.1 3344 1148 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
nobody 23207 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
root 23414 5.2 0.1 3436 1592 ?? R 3:20PM 0:00.00 inetd: wrapping (inetd)
nobody 23557 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
nobody 23785 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
root 23925 5.2 0.1 3436 1588 ?? R 3:20PM 0:00.00 inetd: wrapping (inetd)
nobody 24162 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
nobody 24456 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
root 25449 5.2 0.1 3436 1584 ?? R 3:20PM 0:00.00 inetd: wrapping (inetd)
nobody 25886 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
nobody 26097 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
nobody 26161 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
nobody 26442 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
nobody 26763 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
nobody 27273 5.2 0.1 3344 1144 ?? Rs 3:20PM 0:00.01 nc -u -w 2000 Array 53
Here is my /var/etc/inetd.conf
tftp-proxy dgram udp wait root /usr/libexec/tftp-proxy tftp-proxy -v
19000 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.67 25
19001 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.67 53
19001 dgram udp nowait/0 nobody /usr/bin/nc nc -u -w 2000 Array 53
19002 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.67 636
19003 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.63 80
19004 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.63 443
19005 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.45 22
19006 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.45 80
19007 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.45 443
19008 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.40 22
19009 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.40 80
19010 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.40 443
19011 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.41 80
19012 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.41 443
19013 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.62 22
19014 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.62 80
19015 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.62 443
19016 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.69 80
19017 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.69 443
19018 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.69 3389
19019 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.49 80
19020 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.49 443
19021 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.20 22
19022 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.20 9996
19023 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.43 80
19024 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.43 443
19025 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.64 80
19026 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.64 443
19027 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.61 22
19028 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.61 80
19029 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.61 443
19030 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.2 443
19031 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.2 4125
19032 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.64 22
19033 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.63 22
-
OK, well, I was able to fix my problem by turning off NAT reflection on the rule that was causing the weird line in /var/etc/inetd.conf.
The problem was caused by a single NAT rule, tcp/udp forwarding port 53 to an internal server. Didn't need NAT reflection on that rule anyway.
-
2.0-RC1 (amd64)
built on Sat Mar 26 00:18:39 EDT 2011
I just updated and saw the same thing here. I disabled NAT reflection and things quickly settled down, although I'm left with 3 zombie processes.
-
Can I have the port forward rules from one of you to try to replicate locally?
-
Add any simple port forward with TCP/UDP as the protocol. I just changed an SSH forward from TCP to TCP/UDP and got this in /var/etc/inetd.conf:
19032 dgram udp nowait/0 nobody /usr/bin/nc nc -u -w 2000 Array 22
All my TCP only NAT rules are fine with reflection turned on. I haven't tested UDP only rules.
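
The malformed entries reported in this thread can be found mechanically. The following is an added example, not part of the original posts or of pfSense: it lists nc forwarder lines in an inetd.conf whose target host is not an IPv4 literal. The function names are hypothetical and the sample input is constructed from lines quoted above.

```shell
#!/bin/sh
# Added example: flag NAT-reflection nc entries in an inetd.conf whose
# target host is not an IPv4 literal (e.g. the literal string "Array"
# seen in this thread).

# Usage: bad_nc_targets < /var/etc/inetd.conf
# Prints "<listen-port> <type>/<proto> <target-host> <target-port>"
# for each suspect entry; prints nothing when every target is valid.
bad_nc_targets() {
    awk '
        # Skip comments and blank lines.
        /^[ \t]*#/ || NF == 0 { next }
        # Fields: service type proto wait user program argv...
        # For nc forwarders the last two fields are host and port.
        $6 == "/usr/bin/nc" && NF >= 9 {
            host = $(NF - 1); port = $NF
            if (!is_ipv4(host))
                printf "%s %s/%s %s %s\n", $1, $2, $3, host, port
        }
        # Dotted quad with every octet in 0..255.
        function is_ipv4(s,    n, parts, i) {
            n = split(s, parts, ".")
            if (n != 4) return 0
            for (i = 1; i <= 4; i++)
                if (parts[i] !~ /^[0-9]+$/ || parts[i] + 0 > 255) return 0
            return 1
        }
    '
}

# Constructed sample, assembled from lines quoted in the thread.
sample_conf() {
    cat <<'EOF'
tftp-proxy dgram udp wait root /usr/libexec/tftp-proxy tftp-proxy -v
19001 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.67 53
19001 dgram udp nowait/0 nobody /usr/bin/nc nc -u -w 2000 Array 53
19032 dgram udp nowait/0 nobody /usr/bin/nc nc -u -w 2000 Array 22
19033 stream tcp nowait/0 nobody /usr/bin/nc nc -w 2000 192.168.1.63 22
EOF
}

sample_conf | bad_nc_targets
```

Any line it prints identifies the listening port of a reflection rule to disable or correct before inetd starts spawning forwarders for it.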
-
@ermal:
Can I have the port forward rules from one of you to try to replicate locally?
Do you want a screen shot of the page, or some specific file?
-
Well, I am more interested in the config.xml side of it to have locally.
So the config.xml part for this rule/port forward and the alias contents.
-
This is my nat.xml and aliases.xml zipped. You'll have to change the extension.