Subject: Re: heads up, ftp attacks
To: Andrew Gillham <gillhaa@ghost.whirlpool.com>
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
List: current-users
Date: 02/26/1998 10:49:25

Andrew Gillham writes:
> Yeah, the "Warez boyz" got you..

Yep, certainly did.  I did get a nice list of 3500 IP addresses out of
the deal though.  They are just the thing for feeding to my blackhole
filter.

> FWIW, why do you think your NetBSD box crashed?  Shouldn't the TCP
> state engine handle the problem?  Or was it just the fact that so many
> ftp processes were forked you ran out of swap?  

These are very good questions.  I was wondering that myself.  I doubt
that NetBSD boxes ever get tested under these sorts of loads.  Short
of putting up a warez site, how does one get enough test machines to
ftp from? ;-)

I do have a touch on the large side of swap, but it's not clear how
many ftp's were running before the crash.

    $ pstat -s
    Device      1K-blocks     Used    Avail Capacity  Priority
    /dev/sd0b      282150        4   282146     0%    0
    /dev/sd1b      313500        4   313496     0%    0
    Total          595650        8   595642     0%

There are a few things that could take some looking into.  After I
rebooted the first time I did see the following pop up after a minute
or two:

    Data modified on freelist: word 6 of object 0xf0b19880 size 128
    previous type temp (0xf0b52800 != 0xdeadbeef)

    Data modified on freelist: word 6 of object 0xf0b19880 size 128
    previous type temp (0xf0b52800 != 0xdeadbeef)

I had different fires to fight at the time, so I just ignored it.

-wolfgang
-- 
Wolfgang Rupprecht    <wolfgang@wsrcc.com>     http://www.wsrcc.com/wolfgang/
	  Never trust a program you don't have sources for.