Constantly reloading rules
-
What could be the problem that filter rules are constantly reloading with no errors??
How can I stop this, because it consumes processor all time?
-
What version are you using? If it's one of the latest snapshots please read the snapshotwarning at the forum mainpage, newssection (fading area on top). If you already run such a snapshot I recommend upgrading though the new feature is not yet done.
-
I'm running 1.0.1 built on Sun Oct 29 01:45:08 UTC 2006
Can you tell Me please what determines that rules are already reloaded?
How can I stop this? -
Haven't see such a problem with 1.0.1 release yet (nor with any other version actually). Can you show us your systemlogs? Does a reboot fix it?
-
Sometimes there are no errors reloading rules.
Sometimes I get someting like this:
Acknowledge All .:. 03-26-07 06:11:44 - [filter_load]There where error(s) loading the rules: pfctl: DIOCADDRULE: Device busy The line in question reads [ DIOCADDRULE]: .:.Reboot helps (for some time)..
-
Haven't seen anything like this. Perhaps you should reinstall.
-
It's fresh copy.. So, reinstalling is not a solution.
What happens after I click "Apply Changes" when editing rules?? Which files are processed?
-
confi.xml is them rewritten
and then reread -
Any chance this is a carp cluster and you set up some syncing loop (master->slave->master->slave->…)?
-
Nope.. It's not CARP cluster. I have dual WAN Internet connection with Load balancer turned on. I guess I know what was the reason. As a matter of fact there were two.. :)
First - one of My ISP was messing with My ADSL connection. (there should be an option in Load balancer to adjust time of finding that one of connections is offline)
Second - I added some rules to /etc/crontab wrong way. (My bad)Problem solved.. :)
-
First - one of My ISP was messing with My ADSL connection. (there should be an option in Load balancer to adjust time of finding that one of connections is offline)
We raised the timeoutlevel for the linkdown detection in newer snapshots to be not that sensitive anymore so this should be fixed (unless your link is really really bad).
-
Super, it will be helpful! But time of reaction should be balanced too, not too quick not too slow. It would be nice if I could define it Myself..
-
Afaik it's hardcoded in the slbd binary and therefor not that easily configurable but I might be wrong here.
-
Afaik it's hardcoded in the slbd binary and therefor not that easily configurable but I might be wrong here.
You are absolutely correct.