Date: Tue, 24 Nov 1998 09:17:32 -0600 (CST) From: "Stephen D. Spencer" <bsd-curr@artorius.sunflower.com> To: freebsd-current@FreeBSD.ORG Subject: Panic using IPFILTER w/ NAT Message-ID: <Pine.BSF.4.05.9811240856540.2721-100000@artorius.sunflower.com>
next in thread | raw e-mail | index | archive | help
System: AMD486dx4-120 clocked down to 100MhZ (the board only goes up to 25MhZ on the Dx4s but I got a good deal on the chip) 32 MB RAM 2 NE2000 ISA cards Adaptec 2840 Quantum 3G Conner 500M FreeBSD 3.0-CURRENT #0: Mon Nov 23 21:08:21 CST 1998 root@madeline.sunflower.com:/usr/src/sys/compile/MADELINE (cvsup'd and compiled on Sunday) Running: sshd 1.2.26 isc-dhcpd server BIND 8.1.2 sendmail 8.9.1 Slow but has been steady for the last 4 years. :) Initial ipnat rules: map ed0 10.15.0.0/16 -> 0/32 proxy port ftp ftp/tcp map ed0 10.15.0.0/16 -> 0/32 portmap tcp/udp 10000:40000 map ed0 10.15.0.0/16 -> 0/32 (I'm still learning NAT config theory. I found the above rules at http://photon.nepean.uws.edu.au/ppp/nat.html so please feel free to send a 'no shit' message if there's something inherently wrong with the above statement(s)) When FTPing from a single 10.15/16 host, the following panic information was made available to me. If more information is needed, please let me know. This is quite reproducable on this particular system. Regards, Stephen --------------------------------------------------------------------- - Stephen Spencer finger gladiatr@artorius.sunflower.com for - - administrator PGP key. - - Sunflower Datavision http://www.sunflower.com/data - --------------------------------------------------------------------- They ask me why I live in the green mountains. I smile and don't reply; my heart's at ease. Peach blossoms flow downstream, leaving no trace - And there are no other earths and skies than these. Li Po (701-761) db> show procvm Fatal trap 12: page fault while in kernel mode fault virtual address = 0x60 fault code = supervisor read, page not present instruction pointer = 0x8:0xf018fa86 stack pointer = 0x10:0xf01e0b88 frame pointer = 0x10:0xf01e0b8c code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = Idle interrupt mask = kernel: type 12 trap, code=0 Stopped at _fr_addstate+0x244: movl 0x30(%edx),%ecx db> trace _fr_addstate(f032dc30,f01e0f14,500a,f08f0680,f032dc44) at _fr_addstate+0x244 _ippr_ftp_out(f01e0f14,f032dc30,f032dc44,f08f0680,f08f0080) at _ippr_ftp_out+0x242 _ap_check(f032dc30,f032dc44,f01e0f14,f08f0080,202) at _ap_check+0xe0 _ip_natout(f032dc30,14,f01e0f14) at _ip_natout+0x2c3 _fr_check(f032dc30,14,f0207c68,1,f01e0fa0) at _fr_check+0x3ae _ip_output(f032dc00,0,f01fa388,1,0) at _ip_output+0x3e6 _ip_forward(f032dc00,0,f032dc00,f3ffd340,0) at _ip_forward+0x19b _ip_input(f032dc00) at _ip_input+0x3ae _ipintr(f01a0693,80000000,10,10,0) at _ipintr+0x4b swi_net_next() at swi_net_next db> show registers cs 0x3c250008 ds 0x10 es 0xf01e0010 __DYNAMIC+0x1010 ss 0x10 eax 0x3be93a ecx 0 edx 0 ebx 0xf08f1108 esp 0xf01e0d38 __DYNAMIC+0x1d38 ebp 0xf01e0dd0 __DYNAMIC+0x1dd8 esi 0xa8 edi 0xf01e0e24 __DYNAMIC+0x1e24 eip 0xf0172b58 _fr_addstate+0x244 efl 0x10246 _fr_addstate+0x244: movl 0x30(%edx),%ecx db> show page cnt.v_free_count: 1770 cnt.v_cache_count: 0 cnt.v_inactive_count: 1035 cnt.v_active_count: 3782 cnt.v_wire_count: 1039 cnt.v_free_reserved: 123 cnt.v_free_min: 160 cnt.v_free_target: 603 cnt.v_cache_min: 603 cnt.v_inactive_target: 904 ------------------------------ kernel config: machine "i386" cpu "I486_CPU" ident MADELINE maxusers 100 options INET #InterNETworking options FFS #Berkeley Fast Filesystem options PROCFS #Process filesystem options "COMPAT_43" #Compatible with BSD 4.3 [KEEP THIS!] options SCSI_DELAY=5000 options UCONSOLE #Allow users to grab the console options USERCONFIG #boot -c editor options VISUAL_USERCONFIG #visual boot -c editor config kernel root on da0 controller isa0 controller eisa0 controller fdc0 at isa? port "IO_FD1" bio irq 6 drq 2 vector fdintr disk fd0 at fdc0 drive 0 controller ahc0 controller scbus0 device da0 device pass0 #CAM passthrough driver device sc0 at isa? port "IO_KBD" flags 0x2 tty irq 1 vector scintr device npx0 at isa? port "IO_NPX" flags 0x1 irq 13 vector npxintr device ed0 at isa? port 0x300 net irq 10 iomem 0xd8000 vector edintr device ed1 at isa? port 0x320 net irq 5 iomem 0xd8000 vector edintr pseudo-device loop pseudo-device ether pseudo-device tun 1 pseudo-device pty 32 pseudo-device gzip # Exec gzipped a.out's options KTRACE #kernel tracing options SYSVSHM options SYSVSEM options SYSVMSG pseudo-device bpfilter 6 #Berkeley packet filter options IPFILTER #kernel ipfilter support options IPFILTER_LOG #ipfilter logging options DDB ------------------------------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9811240856540.2721-100000>