Date: Mon, 18 Sep 2000 18:26:29 -0300 From: Fred Souza <cseg@kronus.com.br> To: Alfred Perlstein <bright@wintelcom.net> Cc: Bosko Milekic <bmilekic@dsuper.net>, security@FreeBSD.ORG Subject: Re: Panic when receiving packets with invalid versions Message-ID: <20000918182629.A1082@torment.secfreak.com> In-Reply-To: Your message of "Mon, Sep 18 2000 13:15:17 -0700" <20000918131517.I15156@fw.wintelcom.net> References: <20000918115643.A470@torment.secfreak.com> <Pine.BSF.4.21.0009181259210.18305-100000@jehovah.technokratis.com> <20000918171214.A269@torment.secfreak.com> <20000918131517.I15156@fw.wintelcom.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> So close! :) Whoa! Luck? :) > You don't want to do 'up 10' you want to go 'up' until you hit the > frame above 'trap' which is 'ip_natout', that's where you want to > do your 'list' and 'print' of some of the variables that appear. Ok, thanks a lot. I'll surely remember that next time I need to debug the kernel (or anything else). > you may also want to printout several variables by prefixing * to > them to get the structure contents. Ok. > This looks like it may be a bug in ipfilter. Absolutely right on that, sir! To be exact, the mistake was that I was loading NAT rules through interface ppp0 at boot-time. Once my box doesn't connect to the ISP at boot-time, that mapping maps to "nothing". Unloading the mapping when ppp0 is not active solved the problem. Thank you _very_much_ for your help. Peace, .cseg -- This is what you get when you meet someone who has spent most of his/her entire life, thinking. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000918182629.A1082>