Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 30 Jun 2004 13:38:51 -0700
From:      Jaeho Shin <netj@ropas.snu.ac.kr>
To:        current@freebsd.org
Subject:   Re: ipf 3.4.35 woes
Message-ID:  <20040630203851.GA4864@sab.mazic.org>
In-Reply-To: <20040623020801.GA156@afflictions.org>
References:  <20040623020801.GA156@afflictions.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

--wac7ysb48OaltWcw
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, 2004-06-22 22:08:01 -0400, Damian Gerow wrote:
> The upgrade to ipf 3.4.35 is causing me grief.  And yes, my kernel and
> userland are in sync:
=2E..
> I get a panic right after bringing up lo0 on regular boot.  If I boot into
> single user mode, bring up lo0, bring up my main interface, and then load
> the rules, I don't panic.  My rules are simple -- a pass in quick/pass out
> quick pair for every interface on the machine, and a general pass in
> quick/pass out quick for all IPv6.
>=20
> There are four interfaces on this machine: lo0, rl0, fxp0, and a
> freshly-added ath0.  The only ones that come up during boot are lo0 and
> fxp0.
>=20
> Since the panic passed through pen and paper, whitespace may be off.  But
> here's the boot log/panic:
>=20
> Enabling ipfilter.
> lo0: <standard lo0 information>
>=20
> kernel trap 12 with interrupts disabled
>=20

My box has a similar hardware configuration to yours.  I had a very same
problem with yesterday's source, but by applying the patch below, which
was posted to current@ many times, fixed the problem.  It looks like it
was commited recently so either by applying it or cvsup'ing again will
give you the right source.

%%
Index: sys/contrib/ipfilter/netinet/fil.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /home/ncvs/src/sys/contrib/ipfilter/netinet/fil.c,v
retrieving revision 1.38
diff -u -r1.38 fil.c
--- sys/contrib/ipfilter/netinet/fil.c  21 Jun 2004 22:46:35 -0000      1.38
+++ sys/contrib/ipfilter/netinet/fil.c  24 Jun 2004 19:17:33 -0000
@@ -2155,9 +2155,6 @@
                ip_natsync(ifp);
                ip_statesync(ifp);
        }
-#  if defined(__FreeBSD_version) && (__FreeBSD_version >=3D 500043)
-       IFNET_RUNLOCK();
-#  endif
        ip_natsync((struct ifnet *)-1);
 #  if defined(__FreeBSD_version) && (__FreeBSD_version >=3D 500043)
        IFNET_RUNLOCK();
%%

--=20
=EC=8B=A0=EC=9E=AC=ED=98=B8 | Jaeho Shin <netj@ropas.snu.ac.kr> | http://ne=
tj.org/
Research On Program Analysis System, Seoul National University

--wac7ysb48OaltWcw
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Cygwin)

iD8DBQFA4yTbeGASkZ411HcRAnmXAJ942YcPKjz0tDT8Iyr6thv1xvVLJgCffLvE
LxczAK6rkBnujHHo44BTX4E=
=6QOE
-----END PGP SIGNATURE-----

--wac7ysb48OaltWcw--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040630203851.GA4864>