Hello everyone,
I am seeing some rather odd behaviour here. I have already found similar cases in this forum, but without a concrete solution (https://community.sophos.com/products/unified-threat-management/f/german-forum/111398/hohe-cpu-auslastung-nach-update-auf-9-601-5?pi2353=2#pi2353=2). I have a Fujitsu S720 (CPU AMD GX-217, 4GB RAM, 64GB SSD MSATA). As soon as a Mini-PCIe WLAN card (no matter which one) is installed in it, I get a constant CPU load of about 20%... without such a card it idles along at about 5%.
In the meantime I have an Atheros AR5009 AR5BXB92 here, which is also detected by Sophos UTM and works, thanks to the "hostapd.conf-default" mod. However, the CPU load behaved exactly the same before that, no matter which WLAN card was installed.
As soon as the card is removed, I can again observe a steady 5-8% or so at idle.
Reinstallations of the UTM have already been tried here, and before that also complete resets to factory default. The load stays at 20% as soon as a WLAN card is installed.
The configuration was deliberately kept very thin in order to rule out certain points right away: WebFilter, FW rules, IPS, Application Control and pharming protection can all be ruled out.
The whole thing is apparently caused by confd.plx, but my Linux knowledge is too limited here, so I am now dependent on your help.
The currently installed version is 9.605-1.
Can anyone here perhaps give me a starting point for a solution?
Many thanks in advance and best regards,
Andy. :)
Shown here without the WLAN module and then with it:
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 2 0.0 0.0 0 0 ? S 01:19 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? S 01:19 0:15 \_ [ksoftirqd/0]
root 4 0.0 0.0 0 0 ? S 01:19 0:00 \_ [kworker/0:0]
root 5 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [kworker/0:0H]
root 7 0.0 0.0 0 0 ? S 01:19 0:01 \_ [migration/0]
root 8 0.0 0.0 0 0 ? S 01:19 0:00 \_ [rcu_bh]
root 9 0.1 0.0 0 0 ? S 01:19 1:27 \_ [rcu_sched]
root 10 0.0 0.0 0 0 ? S 01:19 0:01 \_ [migration/1]
root 11 0.0 0.0 0 0 ? S 01:19 0:06 \_ [ksoftirqd/1]
root 13 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [kworker/1:0H]
root 14 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [khelper]
root 123 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [writeback]
root 126 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [bioset]
root 127 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [crypto]
root 129 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [kblockd]
root 277 0.0 0.0 0 0 ? S 01:19 0:00 \_ [khubd]
root 285 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [edac-poller]
root 386 0.2 0.0 0 0 ? S 01:19 2:46 \_ [kworker/1:1]
root 387 0.1 0.0 0 0 ? S 01:19 2:20 \_ [kworker/0:1]
root 409 0.0 0.0 0 0 ? S 01:19 0:01 \_ [kswapd0]
root 473 0.0 0.0 0 0 ? SN 01:19 0:02 \_ [khugepaged]
root 474 0.0 0.0 0 0 ? S 01:19 0:00 \_ [fsnotify_mark]
root 1103 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [deferwq]
root 1187 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [ata_sff]
root 1199 0.0 0.0 0 0 ? S 01:19 0:00 \_ [scsi_eh_0]
root 1202 0.0 0.0 0 0 ? S 01:19 0:00 \_ [scsi_eh_1]
root 1508 0.0 0.0 0 0 ? S< 01:19 0:02 \_ [kworker/0:1H]
root 1583 0.0 0.0 0 0 ? S< 01:19 0:13 \_ [kworker/1:1H]
root 2308 0.0 0.0 0 0 ? S 01:19 0:00 \_ [kworker/1:2]
root 2371 0.0 0.0 0 0 ? S 01:19 0:11 \_ [jbd2/sda6-8]
root 2372 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [ext4-rsv-conver]
root 2754 0.0 0.0 0 0 ? S 01:19 0:00 \_ [jbd2/sda1-8]
root 2755 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [ext4-rsv-conver]
root 2756 0.0 0.0 0 0 ? S 01:19 0:07 \_ [jbd2/sda5-8]
root 2757 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [ext4-rsv-conver]
root 2758 0.0 0.0 0 0 ? S 01:19 0:05 \_ [jbd2/sda7-8]
root 2759 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [ext4-rsv-conver]
root 2760 0.0 0.0 0 0 ? S 01:19 0:00 \_ [jbd2/sda8-8]
root 2761 0.0 0.0 0 0 ? S< 01:19 0:00 \_ [ext4-rsv-conver]
root 3990 0.0 0.0 0 0 ? S< 01:20 0:00 \_ [redd]
root 4318 0.0 0.0 0 0 ? S< 01:21 0:00 \_ [cfg80211]
root 6643 0.0 0.0 0 0 ? S 21:00 0:00 \_ [kworker/u8:2]
root 28295 0.0 0.0 0 0 ? S 22:26 0:00 \_ [kworker/u8:1]
root 1 0.0 0.0 3976 528 ? Ss 01:19 0:02 init [3]
root 2434 0.0 0.0 4456 452 ? S<s 01:19 0:00 /sbin/udevd --daemon
root 4321 0.0 0.0 4452 320 ? S< 01:21 0:00 \_ /sbin/udevd --daemon
root 4340 0.0 0.0 4452 316 ? S< 01:21 0:00 \_ /sbin/udevd --daemon
root 3031 0.0 0.0 3988 656 ? S 01:19 0:00 /usr/sbin/acpid -c /etc/acpi/events -s /var/run/acpid.socket
200 3044 0.0 0.0 4660 216 ? Ss 01:20 0:00 /bin/dbus-daemon --system
201 3270 0.0 0.0 17044 1800 ? Ssl 01:20 0:01 /usr/sbin/hald --daemon=yes
root 3271 0.0 0.0 5900 860 ? S 01:20 0:00 \_ hald-runner
root 3293 0.0 0.0 8456 1184 ? S 01:20 0:00 \_ hald-addon-input: Listening on /dev/input/event0 /dev/input
root 3308 0.0 0.0 8468 1188 ? S 01:20 0:00 \_ /usr/lib/hal/hald-addon-cpufreq
201 3309 0.0 0.0 8164 1408 ? S 01:20 0:00 \_ hald-addon-acpi: listening on acpid socket /var/run/acpid.s
root 4323 0.0 0.0 8452 1444 ? S 01:21 0:00 \_ /usr/lib/hal/hald-addon-rfkill-killswitch
root 3342 0.0 0.1 8316 4372 ? Ss 01:20 0:27 /sbin/haveged -w 1024 -v 0
root 3366 0.0 0.8 59268 32260 ? Ss 01:20 0:55 confd [master]
root 3367 0.0 0.0 3956 484 ? S 01:20 0:00 \_ logger -p daemon.debug -t confd[3366]
root 3485 0.2 0.7 58988 28836 ? S 01:20 2:47 \_ confd [listener]
root 10389 5.4 1.0 71872 42164 ? S 23:23 0:07 \_ confd [worker:prpc:webadmin]
root 11044 300 0.0 4776 956 ? R 23:25 0:00 | \_ ps auxwf
root 11004 16.3 0.0 0 0 ? Z 23:25 0:00 \_ [confd.plx] <defunct>
root 11037 16.8 0.7 59120 30780 ? S 23:25 0:00 \_ confd [worker:prpc:system]
root 3381 0.0 0.0 3956 388 ? Ss 01:20 0:00 /usr/local/bin/confd-queuer
root 3393 0.0 0.1 10124 5924 ? Ss 01:20 0:08 confd-qrunner.pl
root 3411 0.0 0.1 11020 4552 ? S 01:20 0:39 /usr/local/bin/sysmond
root 3479 0.0 0.3 19420 13136 ? S 01:20 0:00 /var/aua/aua.bin
root 3480 0.0 0.0 3956 240 ? S 01:20 0:00 \_ logger -p daemon.debug -t aua[3479]
root 10390 0.1 0.0 0 0 ? Z 23:23 0:00 \_ [aua.bin] <defunct>
root 3734 0.0 0.2 16092 9800 ? S 01:20 0:03 /usr/local/bin/notifier.plx -d
root 3752 0.0 3.5 177396 137864 ? Ssl 01:20 0:47 /var/oculusd/oculusd 25000
rrdcache 3772 0.0 0.0 119228 1296 ? Ssl 01:20 1:00 /usr/bin/rrdcached -l unix:/var/run/rrdcached/socket -m 777 -b /var
at 3803 0.0 0.0 4404 352 ? Ss 01:20 0:00 /usr/sbin/atd
postgres 3868 0.0 1.1 600808 44520 ? S 01:20 0:09 /usr/pgsql92-64/bin/postgres -D /var/storage/pgsql92/data
postgres 3870 0.0 0.3 601224 12512 ? Ss 01:20 0:06 \_ postgres: checkpointer process
postgres 3871 0.0 0.1 601068 4116 ? Ss 01:20 0:01 \_ postgres: writer process
postgres 3872 0.0 0.4 601068 17040 ? Ss 01:20 0:25 \_ postgres: wal writer process
postgres 3873 0.0 0.0 602176 2452 ? Ss 01:20 0:12 \_ postgres: autovacuum launcher process
postgres 3874 0.0 0.0 26928 824 ? Ss 01:20 0:00 \_ postgres: archiver process last was 000000010000000000000070
postgres 3875 0.0 0.0 27208 1108 ? Ss 01:20 0:26 \_ postgres: stats collector process
postgres 5022 0.0 0.6 607412 23916 ? Ss 01:23 0:35 \_ postgres: reporting reporting [local] idle
postgres 5425 0.0 0.1 604556 6100 ? Ss 01:23 0:01 \_ postgres: smtp smtp 127.0.0.1(39783) idle
postgres 5581 0.0 0.2 604620 8412 ? Ss 01:23 0:00 \_ postgres: smtp smtp 127.0.0.1(39787) idle
postgres 6912 0.0 0.1 604456 5448 ? Ss 01:24 0:00 \_ postgres: smtp smtp [local] idle
postgres 6913 0.0 0.1 604476 5380 ? Ss 01:24 0:00 \_ postgres: smtp smtp [local] idle
postgres 6914 0.0 0.3 608492 14528 ? Ss 01:24 0:01 \_ postgres: reporting reporting [local] idle
postgres 6915 0.0 0.1 604468 4900 ? Ss 01:24 0:00 \_ postgres: reporting reporting [local] idle
postgres 6918 0.0 0.1 604560 5812 ? Ss 01:24 0:00 \_ postgres: hotspot hotspot [local] idle
postgres 6925 0.0 0.1 604560 5744 ? Ss 01:24 0:00 \_ postgres: hotspot hotspot [local] idle
postgres 7262 0.0 0.1 604476 5408 ? Ss 01:25 0:00 \_ postgres: sandbox sandbox [local] idle
postgres 7263 0.0 0.1 604528 6036 ? Ss 01:25 0:00 \_ postgres: sandbox sandbox [local] idle
postgres 8729 0.4 0.1 604624 7080 ? Ss 01:30 6:07 \_ postgres: smtp smtp 127.0.0.1(39969) idle
root 3936 1.3 4.6 185104 178008 ? S 01:20 17:44 /var/mdw/mdw.plx
root 3980 0.0 0.0 3956 532 ? S 01:20 0:00 \_ logger -p daemon.debug -t middleware[3936]
root 3960 0.0 0.0 3980 404 ? Ss 01:20 0:02 runsvdir -P /etc/service log: .....................................
root 3967 0.0 0.0 3836 240 ? Ss 01:20 0:00 \_ runsv snort-00
snort 20592 0.1 2.7 137344 104768 ? S<l 19:47 0:24 | \_ /sbin/snort -M -Q -c /etc/snort/snort.conf -K none -P 65535
root 3968 0.0 0.0 3836 240 ? Ss 01:20 0:00 \_ runsv selfmonng
root 3970 1.4 0.2 14152 9176 ? S 01:20 19:05 \_ /usr/local/bin/selfmonng.plx
root 3982 0.0 0.1 13512 7012 ? S 01:20 0:00 \_ [timewarp check]
root 3961 0.0 0.0 4484 800 tty1 Ss+ 01:20 0:00 /sbin/mingetty --no-hostname tty1
root 3962 0.0 0.0 4484 796 tty2 Ss+ 01:20 0:00 /sbin/mingetty --no-hostname tty2
root 3963 0.0 0.0 4484 772 tty3 Ss+ 01:20 0:00 /sbin/mingetty --no-hostname tty3
root 3964 0.0 0.0 4484 796 tty4 Ss+ 01:20 0:00 /sbin/mingetty --no-hostname tty4
root 4370 0.0 0.0 7440 1376 ? Ss 01:21 0:36 /usr/sbin/hostapd -B /var/run/hostapd-phy0.conf
root 4425 0.0 0.0 3964 484 ? Ss 01:21 0:04 /usr/local/bin/nwd
root 4681 0.2 0.2 14492 10104 ? Ss 01:22 3:55 dns-resolver.plx
root 4687 0.1 1.0 71476 40104 ? Ssl 01:22 1:35 /usr/sbin/named -4
root 4777 0.0 0.0 4424 800 ? Ss 01:23 0:00 /usr/sbin/cron
root 4810 0.0 0.2 12236 8240 ? S 01:23 0:19 /usr/local/bin/ipsfb
root 4860 0.0 0.0 7568 776 ? Ss 01:23 0:00 /usr/sbin/sshd -f /etc/ssh/sshd_config
root 4907 0.6 0.7 35544 29140 ? Ss 01:23 8:03 awed [master]
root 4971 0.0 0.0 12344 1972 ? Ss 01:23 0:06 /bin/httpd -f /etc/httpd/httpd.conf
root 4973 0.0 0.0 3956 236 ? S 01:23 0:00 \_ /bin/logger -t httpd -p local6.notice
wwwrun 4975 0.0 0.0 12256 1240 ? S 01:23 0:00 \_ /bin/httpd -f /etc/httpd/httpd.conf
wwwrun 10335 9.3 2.3 93780 89516 ? S 23:23 0:14 | \_ /var/webadmin/webadmin.plx
wwwrun 9732 0.0 0.0 12764 3620 ? S 01:33 0:01 \_ /bin/httpd -f /etc/httpd/httpd.conf
wwwrun 10414 0.0 0.0 12624 3572 ? S 23:23 0:00 \_ /bin/httpd -f /etc/httpd/httpd.conf
root 5015 0.0 0.0 5856 384 ? S 01:23 0:00 supervising syslog-ng
root 5016 0.6 0.1 10632 4884 ? Ss 01:23 9:09 \_ /usr/sbin/syslog-ng -f /etc/syslog-ng.conf
root 5377 0.0 0.3 20308 14572 ? S 01:23 0:15 \_ /usr/bin/perl /usr/local/bin/reporter/admin-reporter.pl
root 5378 0.0 0.3 19696 13860 ? S 01:23 0:09 \_ /usr/bin/perl /usr/local/bin/reporter/pfilter-reporter.pl
root 5379 0.0 0.0 31180 1348 ? Sl 01:23 0:00 \_ /usr/local/bin/reporter/vpn-reporter.pl
root 5380 0.0 0.0 31828 1812 ? Sl 01:23 0:08 \_ /usr/local/bin/reporter/websec-reporter.pl
root 5381 0.0 0.3 18744 12848 ? S 01:23 0:07 \_ /usr/bin/perl /usr/local/bin/reporter/mailsec-reporter.pl
root 5382 0.0 0.3 18836 13056 ? S 01:23 0:05 \_ /usr/bin/perl /usr/local/bin/reporter/ips-reporter.pl
root 5383 0.0 0.0 30556 1412 ? Sl 01:23 0:06 \_ /usr/local/bin/reporter/websec-reporter.pl -e
root 5384 0.8 0.0 4304 772 ? S 01:23 11:20 \_ /usr/local/bin/reporter/waf-reporter
root 5018 0.0 0.0 34696 2592 ? S<sl 01:23 0:45 /usr/sbin/ulogd -c /etc/ulogd.conf -d
810 5217 0.1 0.6 134944 26728 ? Ss 01:23 2:03 /var/chroot-http/opt/ws/bin/urid --chroot /var/chroot-http --user 8
root 5373 0.4 0.8 70860 33112 ? Ss 01:23 5:39 smtpd [master]
root 5423 0.0 0.6 42432 26924 ? S 01:23 0:22 \_ smtpd [queue manager]
root 5424 0.0 0.6 42432 26428 ? S 01:23 0:01 \_ smtpd [sandbox_watcher]
smtp 5578 0.0 0.0 10960 2824 ? S 01:23 0:27 \_ /bin/exim -DINPUT -bdf
root 5520 0.0 0.0 6096 1332 ? Ss 01:23 0:23 /usr/sbin/irqd
810 5617 1.1 23.2 1234952 896120 ? Ssl 01:23 15:20 /var/chroot-http/usr/bin/httpproxy -f -c /var/chroot-http -u httppr
root 7231 0.0 0.0 8408 1172 ? Ss 01:25 0:00 /usr/libexec/postfix/master -w
postfix 25974 0.0 0.0 8528 2192 ? S 22:17 0:00 \_ qmgr -l -t unix -u -c
postfix 25975 0.0 0.0 8472 2176 ? S 22:17 0:00 \_ pickup -l -t unix -u -c
root 7338 0.0 0.0 9312 2916 ? Ss 01:25 0:00 /usr/sbin/dhcpd -cf /etc/dhcpd.conf wlan0 eth0
root 7604 0.0 0.0 7588 1716 ? Ss 01:26 0:00 /usr/sbin/dhclient -nw -cf /etc/eth1.conf -lf /var/db/eth1.leases -
root 25102 0.0 0.0 15776 1828 ? Ss 20:05 0:01 /sbin/ntpd
afcd 25954 0.1 0.4 41524 17448 ? S<sl 22:17 0:04 /usr/sbin/afcd