[Tor-BSD] kernel: ... was killed: out of swap space

George Rosamond george at ceetonetechnology.com
Mon Feb 19 13:51:00 EST 2018 

Paul:
> Running some small Tor 0.3.1.9 exits on FreeBSD brings me problems
> like these:
> 
> Feb 18 16:16:07  kernel: [81279] pid 81691 (tor), uid 256, was
> killed: out of swap space Feb 18 16:16:51  kernel: [81323] pid 3994
> (tor), uid 256, was killed: out of swap space
> 
> 
> or
> 
> Feb 14 17:51:46 kernel: [1129047] [zone: mbuf_cluster]
> kern.ipc.nmbclusters limit reached.
> 
> As I am only a volunteer and not a programmer couPaul:
> Running some small Tor 0.3.1.9 exits on FreeBSD brings me problems like these: 
> 
> Feb 18 16:16:07  kernel: [81279] pid 81691 (tor), uid 256, was killed: out of swap space
> Feb 18 16:16:51  kernel: [81323] pid 3994 (tor), uid 256, was killed: out of swap space
> 
> 
> or
> 
> Feb 14 17:51:46 kernel: [1129047] [zone: mbuf_cluster] kern.ipc.nmbclusters limit reached.
> 
> As I am only a volunteer and not a programmer could somebody please provide me an idea or small script that would check for parameters like these above and restart tor or reboot the system in a timely manner?
> 
> Thanks for your help

ld somebody please
> provide me an idea or small script that would check for parameters
> like these above and restart tor or reboot the system in a timely
> manner?
> 
> Thanks for your help

Hey Paul.

Restarting Tor is simple enough, but doesn't solve the issue.

You *could* increase swap or kern.ipc.nmbclusters, which you can see the
current setting with:

$ sysctl kern.ip.nmbclusters

Or look at rctl(8), and similar mitigations documented here:
http://wiki.torbsd.org/doku.php?id=en:freebsd-specific_tips_and_tricks

But the best route would be to update security/tor to 0.3.2.9.  I
*think* it deals with the DDOS'g you're experiencing.

I can say that the current security/tor-devel (0.3.3.2) does deal with
it, and I see a good number of messages like:

Feb 19 18:44:21.000 [notice] {HEARTBEAT} DoS mitigation since startup:
1083 circuits rejected, 6 marked addresses. 59073 connections closed.
1330 single hop clients refused.

g

More information about the Tor-BSD mailing list