Date: Wed, 5 Feb 2014 01:16:56 -0800 (PST) From: mm <mm@FreeBSD.org> To: freebsd-pf@freebsd.org Subject: Re: VIMAGE + PF crash in mbuf destructor Message-ID: <1391591816960-5883192.post@n5.nabble.com> In-Reply-To: <1389886004148-5876949.post@n5.nabble.com> References: <CAG=rPVfxFiOVOeSyDP=wBubNQCHK5dqcgBBaJjeS6XXtSZSZqg@mail.gmail.com> <51ED5308.3020008@gmx.com> <CAJ-VmomAC573hrQivfT9Gn_tJn5SkMhM_MK8hUCbtr-7D-NGDw@mail.gmail.com> <CAG=rPVd3F2sfwizJuEngxexo0Rby2qwzqpAB4_K-fZXXb8-Rmw@mail.gmail.com> <CAJ-Vmo=jDPrJHXRz8xY9aA-soBx54DjvqkpzdSUvr%2B4hZ9ExkQ@mail.gmail.com> <201307222338.09833.zec@fer.hr> <1389886004148-5876949.post@n5.nabble.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Ok, I have found the cause. The patches I use fix the host pf, but pf inside jails is broken. This means if we expose the pf device to the jails, calling pfctl on it causes a panic. To make sure your jails get just the limited ruleset, I suggest you put the following line to your /etc/rc.conf: devfs_load_rulesets="YES" -- View this message in context: http://freebsd.1045724.n5.nabble.com/VIMAGE-PF-crash-in-mbuf-destructor-tp5830537p5883192.html Sent from the freebsd-pf mailing list archive at Nabble.com.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1391591816960-5883192.post>