From owner-freebsd-net@FreeBSD.ORG Sun Mar 6 11:51:52 2005 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C7A9516A4CE for ; Sun, 6 Mar 2005 11:51:52 +0000 (GMT) Received: from web20825.mail.yahoo.com (web20825.mail.yahoo.com [216.136.227.164]) by mx1.FreeBSD.org (Postfix) with SMTP id 6F64F43D46 for ; Sun, 6 Mar 2005 11:51:52 +0000 (GMT) (envelope-from stefanolteanu@yahoo.com) Received: (qmail 42107 invoked by uid 60001); 6 Mar 2005 11:51:52 -0000 Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; b=yWMbYuvUXfyE2bW7WFUH2wyuqKaaF6CXYmnbhfJvp2CyHu2nFdHxpaIim62azL6Dtz7bOQHXiUL6Ag2g7mz5XQiSaxVGNT9CufjLvMzYnMQNKO07t6moha8ui6DAY30pyZzwNYt9/pal05Y2g7+TPuSGKUdL1gIzFeNqrH0vGJA= ; Message-ID: <20050306115152.42105.qmail@web20825.mail.yahoo.com> Received: from [213.154.146.174] by web20825.mail.yahoo.com via HTTP; Sun, 06 Mar 2005 03:51:52 PST Date: Sun, 6 Mar 2005 03:51:52 -0800 (PST) From: Stefan Olteanu To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Kernel panic with pfil X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Mar 2005 11:51:52 -0000 Hi everyone, I have a FreeBSD firewall. I get this fatal trap while in kernel mode. I experienced this every time I use dc++ on my pc from the private network. ------------------------- Here is my dmesg output : Copyright (c) 1992-2004 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 5.3-RELEASE #0: Sun Mar 6 06:05:00 EET 2005 [EMAIL PROTECTED]:/usr/src/sys/i386/compile/FIREWALL3 Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Pentium/P55C (199.91-MHz 586-class CPU) Origin = "GenuineIntel" Id = 0x543 Stepping = 3 Features=0x8001bf real memory = 33554432 (32 MB) avail memory = 27553792 (26 MB) Intel Pentium detected, installing workaround for F00F bug npx0: [FAST] npx0: on motherboard npx0: INT 16 interface acpi0: on motherboard Timecounter "ACPI-safe" frequency 3579545 Hz quality 1000 acpi_timer0: <24-bit timer at 3.579545MHz> port 0xfc08-0xfc0b on acpi0 cpu0: on acpi0 acpi_tz0: on acpi0 pcib0: port 0xcf8-0xcff on acpi0 pci0: on pcib0 rl0: port 0x1000-0x10ff mem 0x44000000-0x440000ff irq 11 at device 12.0 on pci0 miibus0: on rl0 rlphy0: on miibus0 rlphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto rl0: Ethernet address: 00:40:f4:b2:f9:bd rl1: port 0x1400-0x14ff mem 0x44100000-0x441000ff irq 11 at device 13.0 on pci0 miibus1: on rl1 rlphy1: on miibus1 rlphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto rl1: Ethernet address: 00:40:f4:b2:fe:f4 pci0: at device 14.0 (no driver attached) tl0: port 0x1820-0x182f irq 11 at device 16.0 on pci0 miibus2: on tl0 lxtphy0: on miibus2 lxtphy0: 100baseFX, 100baseFX-FDX, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto tlphy0: on miibus2 tlphy0: 10base2/BNC, 10base5/AUI tl0: Ethernet address: 00:80:5f:63:e0:80 tl0: if_start running deferred for Giant tl0: [GIANT-LOCKED] isab0: at device 20.0 on pci0 isa0: on isab0 atapci0: port 0x1830-0x183f,0x376,0x170-0x177,0x3f6,0x1f0-0x1f7 at device 20.1 on pci0 ata0: channel #0 on atapci0 ata1: channel #1 on atapci0 uhci0: port 0x1800-0x181f at device 20.2 on pci0 uhci0: [GIANT-LOCKED] usb0: on uhci0 usb0: USB revision 1.0 uhub0: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered pci0: at device 20.3 (no driver attached) acpi_button0: on acpi0 speaker0: port 0x61 on acpi0 atkbdc0: port 0x64,0x60 irq 1 on acpi0 atkbd0: irq 1 on atkbdc0 kbd0 at atkbd0 atkbd0: [GIANT-LOCKED] ppc0: port 0x778-0x77d,0x378-0x37f irq 7 drq 3 on acpi0 ppc0: SMC-like chipset (ECP/EPP/PS2/NIBBLE) in COMPATIBLE mode ppc0: FIFO with 16/16/8 bytes threshold ppbus0: on ppc0 plip0: on ppbus0 lpt0: on ppbus0 lpt0: Interrupt-driven port ppi0: on ppbus0 sio0: port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 sio0: type 16550A fdc0: port 0x3f0-0x3f5 irq 6 drq 2 on acpi0 fdc0: [FAST] sio1: port 0x2f8-0x2ff irq 3 on acpi0 sio1: type 16550A orm0: at iomem 0xe7000-0xeffff,0xe0000-0xe6fff,0xc0000-0xc7fff on isa0 pmtimer0 on isa0 sc0: at flags 0x100 on isa0 sc0: VGA <16 virtual consoles, flags=0x300> vga0: at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 Timecounter "TSC" frequency 199905462 Hz quality 800 Timecounters tick every 10.000 msec ad0: 6150MB [13330/15/63] at ata0-master UDMA33 Mounting root from ufs:/dev/ad0s1a WARNING: / was not properly dismounted WARNING: /tmp was not properly dismounted WARNING: /usr was not properly dismounted WARNING: /var was not properly dismounted IP Filter: v3.4.35 initialized. Default = pass all, Logging = enabled tl0: adapter check: 100007 ---------------------------------------------------------------------------- Here is my backtrace output : Script started on Sun Mar 6 12:22:29 2005 [root@ crash]# gdb6 -k kernel.debug.0 vmcore.0 GNU gdb 20040803 [GDB v6.x for FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-portbld-freebsd5.3"... panic: from debugger panic messages: --- Fatal trap 12: page fault while in kernel mode fault virtual address = 0xc fault code = supervisor read, page not present instruction pointer = 0x8:0xc04f4c5c stack pointer = 0x10:0xc3eb7aec frame pointer = 0x10:0xc3eb7af8 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 29 (swi1: net) panic: from debugger Uptime: 13m22s Dumping 32 MB 16 --- #0 doadump () at pcpu.h:159 159 pcpu.h: No such file or directory. in pcpu.h doadump () at pcpu.h:159 159 in pcpu.h (kgdb) where #0 doadump () at pcpu.h:159 #1 0xc04c1ad5 in boot (howto=260) at ../../../kern/kern_shutdown.c:397 #2 0xc04c1dbd in panic (fmt=0xc0617bb0 "from debugger") at ../../../kern/kern_shutdown.c:553 #3 0xc0438959 in db_panic (addr=-1068544932, have_addr=0, count=-1, modif=0xc3eb791c "") at ../../../ddb/db_command.c:435 #4 0xc04388f0 in db_command (last_cmdp=0xc066c4c4, cmd_table=0x0, aux_cmd_tablep=0xc063cc54, aux_cmd_tablep_end=0xc063cc58) at ../../../ddb/db_command.c:349 #5 0xc04389b8 in db_command_loop () at ../../../ddb/db_command.c:455 #6 0xc043a52d in db_trap (type=12, code=0) at ../../../ddb/db_main.c:221 #7 0xc04d913a in kdb_trap (type=12, code=0, tf=0xc3eb7aac) at ../../../kern/subr_kdb.c:418 #8 0xc05f6cc9 in trap_fatal (frame=0xc3eb7aac, eva=12) at ../../../i386/i386/trap.c:804 #9 0xc05f6a4f in trap_pfault (frame=0xc3eb7aac, usermode=0, eva=12) at ../../../i386/i386/trap.c:727 #10 0xc05f664d in trap (frame= {tf_fs = 24, tf_es = 16, tf_ds = 16, tf_edi = 56, tf_esi = 0, tf_ebp = -1007977736, tf_isp = -1007977768, tf_ebx = 0, tf_edx = 0, tf_ecx = 0, tf_eax = 3469992, tf_trapno = 12, tf_err = 0, tf_eip = -1068544932, tf_cs = 8, tf_eflags = 66050, tf_esp = 1, tf_ss = -1055494464}) at ../../../i386/i386/trap.c:417 #11 0xc05e6afa in calltrap () at ../../../i386/i386/exception.s:140 #12 0x00000018 in ?? () #13 0x00000010 in ?? () #14 0x00000010 in ?? () #15 0x00000038 in ?? () #16 0x00000000 in ?? () #17 0xc3eb7af8 in ?? () #18 0xc3eb7ad8 in ?? () #19 0x00000000 in ?? () #20 0x00000000 in ?? () #21 0x00000000 in ?? () #22 0x0034f2a8 in ?? () #23 0x0000000c in ?? () #24 0x00000000 in ?? () #25 0xc04f4c5c in m_copydata (m=0x0, off=0, len=56, cp=0xc1166ec0 "") at ../../../kern/uipc_mbuf.c:513 #26 0xc0ea0ac9 in ?? () #27 0xc0e18d00 in ?? () #28 0x00000000 in ?? () #29 0x00000038 in ?? () #30 0xc1166ec0 in ?? () #31 0x00000000 in ?? () #32 0xc3eb7bd8 in ?? () #33 0x00000038 in ?? () #34 0xc3eb7b94 in ?? () #35 0xc0ea095f in ?? () #36 0x00000000 in ?? () #37 0xc3eb7bd8 in ?? () #38 0xc3eb7b50 in ?? () #39 0xc3eb7b48 in ?? () #40 0xc3eb7b40 in ?? () #41 0x00000002 in ?? () #42 0xc0d8c000 in ?? () #43 0x00000000 in ?? () #44 0x00000001 in ?? () #45 0x00000028 in ?? () #46 0x00000038 in ?? () #47 0xc3eb7b58 in ?? () #48 0xc0e18d00 in ?? () #49 0x00000000 in ?? () #50 0x00306c72 in ?? () #51 0x00000000 in ?? () #52 0x00000000 in ?? () #53 0x00000000 in ?? () #54 0xffff3800 in ?? () #55 0x0000000c in ?? () #56 0x00000000 in ?? () #57 0x00004019 in ?? () #58 0x00000000 in ?? () #59 0x0000000c in ?? () #60 0xc3eb7bdc in ?? () #61 0x00004019 in ?? () #62 0xc0ebc800 in ?? () #63 0xc0e18d50 in ?? () #64 0xc3eb7c44 in ?? () #65 0xc0ea4280 in ?? () #66 0x00004019 in ?? () #67 0xc0e18d50 in ?? () #68 0xc3eb7bd8 in ?? () #69 0xc0e18d00 in ?? () #70 0xffffffff in ?? () #71 0x00000000 in ?? () #72 0x00000000 in ?? () #73 0xc0e18d00 in ?? () #74 0x00000000 in ?? () #75 0xc0ebe600 in ?? () #76 0x00000004 in ?? () #77 0x00000041 in ?? () #78 0x00000000 in ?? () #79 0xc0ea9740 in ?? () #80 0x00000000 in ?? () #81 0xc0d8c000 in ?? () #82 0x013ec004 in ?? () #83 0x8ac213c1 in ?? () #84 0x00000000 in ?? () #85 0x00000000 in ?? () #86 0x00000000 in ?? () #87 0xd5662ac2 in ?? () #88 0x00000000 in ?? () #89 0x00000000 in ?? () #90 0x00000000 in ?? () #91 0x00000000 in ?? () #92 0x00000000 in ?? () #93 0x00000003 in ?? () #94 0x00000000 in ?? () #95 0x00000014 in ?? () #96 0x00000000 in ?? () #97 0x0000000c in ?? () #98 0x00000000 in ?? () #99 0xc0ebe600 in ?? () #100 0xc0e1a844 in ?? () #101 0x000000b5 in ?? () #102 0x48fb00a1 in ?? () #103 0x00000000 in ?? () #104 0xc3eb7c80 in ?? () #105 0xc0e7a140 in ?? () #106 0xc067cee0 in ip_rsvpd () #107 0x00000001 in ?? () #108 0xc3eb7c60 in ?? () #109 0xc0ea0d06 in ?? () #110 0xc0e18d50 in ?? () #111 0x00000014 in ?? () #112 0xc0d8c000 in ?? () #113 0x00000000 in ?? () #114 0xc3eb7c80 in ?? () #115 0xc3eb7c90 in ?? () #116 0xc0532f7f in pfil_run_hooks (ph=0xc1166ec0, mp=0xc3eb7bd8, ifp=0xc3eb7b50, dir=-1055494528, inp=0xc3eb7b40) at ../../../net/pfil.c:137 Previous frame inner to this frame (corrupt stack?) (kgdb) ------------------------------------------------------------------------------- Here is my ipf.rules : ################################################################# # Outside Interface ################################################################# pass out quick on rl0 proto tcp from any to any keep state pass out quick on rl0 proto udp from any to any keep state pass out quick on rl0 proto icmp from any to any keep state block out quick on rl0 all #----------------------------------------------------------------------- # Block all inbound traffic from non-routable or reserved address spaces #----------------------------------------------------------------------- block in log quick on rl0 from 192.168.0.0/16 to any #RFC 1918 private IP block in log quick on rl0 from 172.16.0.0/12 to any #RFC 1918 private IP block in log quick on rl0 from 10.0.0.0/8 to any #RFC 1918 private IP block in log quick on rl0 from 127.0.0.0/8 to any #loopback block in log quick on rl0 from 0.0.0.0/8 to any #loopback block in log quick on rl0 from 169.254.0.0/16 to any #DHCP auto-config block in log quick on rl0 from 192.0.2.0/24 to any #reserved for doc's block in log quick on rl0 from 204.152.64.0/23 to any #Sun cluster interconnect block in quick on rl0 from 224.0.0.0/3 to any #Class D & E multicast #---------------------------------------------------------------- # Allow bootp traffic in from your ISP's DHCP server only. #---------------------------------------------------------------- pass in quick on rl0 proto udp from 194.42.102.129/32 to any port = 68 keep state block return-rst in log quick on rl0 proto tcp from any to any block return-icmp-as-dest(port-unr) in log quick on rl0 proto udp from any to any block in log quick on rl0 all ################################################################# # Inside Interface ################################################################# #---------------------------------------------------------------- # Allow out all TCP, UDP, and ICMP traffic & keep state #---------------------------------------------------------------- pass out quick on rl1 proto tcp from any to any keep state pass out quick on rl1 proto udp from any to any keep state pass out quick on rl1 proto icmp from any to any keep state block out quick on rl1 all pass out quick on tl0 proto tcp from any to any keep state pass out quick on tl0 proto udp from any to any keep state pass out quick on tl0 proto icmp from any to any keep state block out quick on tl0 all #---------------------------------------------------------------- # Allow in all TCP, UDP, and ICMP traffic & keep state #---------------------------------------------------------------- pass in quick on rl1 proto tcp from any to any keep state pass in quick on rl1 proto udp from any to any keep state pass in quick on rl1 proto icmp from any to any keep state block in quick on rl1 all pass in quick on tl0 proto tcp from any to any keep state pass in quick on tl0 proto udp from any to any keep state pass in quick on tl0 proto icmp from any to any keep state block in quick on tl0 all ################################################################# # Loopback Interface ################################################################# #---------------------------------------------------------------- # ping #---------------------------------------------------------------- pass in quick on lo0 all pass out quick on lo0 all Thank you very much for any lead on how to resolve this. Stefan Olteanu =====