Date: Sat, 26 Jun 2010 06:00:30 GMT From: Shant Kassardjian <pookme@hotmail.com> To: freebsd-gnats-submit@FreeBSD.org Subject: amd64/148157: IPFW in kernel nat BUG found in FreeBSD 8.1-PRERELEASE Message-ID: <201006260600.o5Q60Unw067837@www.freebsd.org> Resent-Message-ID: <201006260610.o5Q6A8jE064833@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 148157 >Category: amd64 >Synopsis: IPFW in kernel nat BUG found in FreeBSD 8.1-PRERELEASE >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-amd64 >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Jun 26 06:10:08 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Shant Kassardjian >Release: 8.1-PRERELEASE >Organization: >Environment: FreeBSD core.skylab.ca 8.1-PRERELEASE FreeBSD 8.1-PRERELEASE #0: Tue Jun 22 21:38:07 EDT 2010 >Description: Discovered a bug while running IPFW in kernel nat and TCP redirect_port. The system does a core dump and restarts immediately. Here is what I see: Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0xc fault code = supervisor write data, page not present instruction pointer = 0x20:0xffffffff801d5cd6 stack pointer = 0x28:0xffffff8074fdf370 frame pointer = 0x28:0xffffff8074fdf620 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 1804 (sshd) trap number = 12 panic: page fault cpuid = 0 Uptime: 3m9s Cannot dump. Device not defined or unavailable. Automatic reboot in 15 seconds - press a key on the console to abort >How-To-Repeat: Problem can be replicated by creating a test ipfw policy: ipfw add 001 nat 100 ip from any to any via em0 ipfw nat 100 config ip 192.168.1.104 redirect_port tcp 172.25.1.1:22 22 kernel options: options HZ=1000 options DUMMYNET options IPDIVERT options IPFIREWALL options LIBALIAS options IPFIREWALL_NAT options IPFIREWALL_FORWARD options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=5 options IPFIREWALL_DEFAULT_TO_ACCEPT sysctl settings: kern.ipc.maxsockbuf=16777216 kern.ipc.nmbclusters=32768 kern.ipc.somaxconn=32768 kern.maxfiles=65536 kern.maxfilesperproc=32768 kern.maxvnodes=800000 net.inet.tcp.delayed_ack=0 net.inet.tcp.inflight.enable=0 net.inet.tcp.path_mtu_discovery=0 net.inet.tcp.recvbuf_auto=1 net.inet.tcp.recvbuf_inc=524288 net.inet.tcp.recvbuf_max=16777216 net.inet.tcp.recvspace=65536 net.inet.tcp.rfc1323=1 net.inet.tcp.sendbuf_auto=1 net.inet.tcp.sendbuf_inc=524288 net.inet.tcp.sendspace=65536 net.inet.udp.maxdgram=57344 net.inet.udp.recvspace=65536 net.local.stream.recvspace=65536 net.inet.tcp.sendbuf_max=16777216 net.inet.tcp.mssdflt=1460 net.link.bridge.ipfw=1 net.inet.ip.fw.one_pass=0 net.inet.ip.dummynet.io_fast=1 net.inet.ip.dummynet.hash_size=64 >Fix: Using /etc/rc.d/natd with config /etc/natd.conf port 8668 interface em0 redirect_port tcp 172.25.1.1:22 22 redirect_port tcp 172.25.1.10:3389 3389 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201006260600.o5Q60Unw067837>