From owner-freebsd-net@FreeBSD.ORG Tue Nov 25 05:40:03 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5738216A4CE for ; Tue, 25 Nov 2003 05:40:03 -0800 (PST) Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3877143FDD for ; Tue, 25 Nov 2003 05:40:00 -0800 (PST) (envelope-from eugen@kuzbass.ru) Received: from kuzbass.ru (kost [213.184.65.82])hAPDdiHQ051802; Tue, 25 Nov 2003 20:39:49 +0700 (KRAT) (envelope-from eugen@kuzbass.ru) Message-ID: <3FC35B5C.AC3C578F@kuzbass.ru> Date: Tue, 25 Nov 2003 20:38:36 +0700 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.8 [en] (Win98; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: Luigi Rizzo References: <3F6546C1.41B7143@kuzbass.ru> <3F654BBB.9240465B@kuzbass.ru> <20030915012443.A49336@xorpc.icir.org> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit cc: net@freebsd.org Subject: Re: ipfw: pullup failed X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Nov 2003 13:40:03 -0000 Luigi Rizzo wrote: > > > > My router that uses ipfw2 for WF2Q+ sometimes writes in log: > > > > Sep 15 10:14:38 gw2 /kernel: ipfw: pullup failed > > > > Sep 15 11:50:53 gw2 /kernel: ipfw: pullup failed > > > > > > a possibility is that it has run out of mbufs. what does netstat -m say ? > > > > 669/1920/65536 mbufs in use (current/peak/max): > > 654 mbufs allocated to data > > 15 mbufs allocated to packet headers > > 472/712/16384 mbuf clusters in use (current/peak/max) > > ok, another one is that the packet was too short for the desired > length (supposedly, as a result of a collision). > You could perhaps try the following patch and see if it tells you > something more interesting. > > static int > ipfw_chk(struct ip_fw_args *args) > { > + int desired_len = -1; > /* > * Local variables hold state during the processing of a packet. > * > * IMPORTANT NOTE: to speed up the processing of rules, there > > ... > > #define PULLUP_TO(len) \ > do { \ > if ((m)->m_len < (len)) { \ > args->m = m = m_pullup(m, (len)); \ > - if (m == 0) \ > + if (m == 0) { \ > + desired_len = (len); \ > goto pullup_failed; \ > + } \ > ip = mtod(m, struct ip *); \ > } \ > } while (0) > > ... > pullup_failed: > if (fw_verbose) > - printf("pullup failed\n"); > + printf("pullup failed have %d want %d\n", m->m_len,desired_len); > return(IP_FW_PORT_DENY_FLAG); > } I've upgraded my router to 4.9-STABLE and applied your patch. Well, it produces something interesting. It produces kernel panic because m once became NULL in this printf :-) Eugene Grosbein