Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 22 Apr 2010 12:35:10 +0400
From:      c0re <nr1c0re@gmail.com>
To:        freebsd-stable@freebsd.org
Subject:   Re: FreeBSD 7.3, reboot after panic: double fault
Message-ID:  <i2t44d4913e1004220135jac5d360akef6e2a53a512d404@mail.gmail.com>
In-Reply-To: <n2g44d4913e1004192353o89dd3437ue9a01c8d5e6b6de5@mail.gmail.com>
References:  <n2g44d4913e1004192353o89dd3437ue9a01c8d5e6b6de5@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Bjoern A. Zeeb, I send you e-mail with link to download kernel and dump.

And I remade kernel panic situation on virtual machines.

You need 2 freebsd machines for gre tunnel.
First need just to make gre tunnel like:

ifconfig em0 inet 10.0.0.1  netmask 255.255.255.0
ifconfig gre0 create
ifconfig gre0 inet 192.168.0.1 192.168.0.2 tunnel 10.10.0.1 10.10.0.2
netmask 255.255.255.252 link1 up
route add 10.10.0.3/32 10.10.0.2

Also this machine will be as a client to connect to remote. So we need to
install some browser like lynx.

Second machine:
Default installation of freebsd 7.3 with "src" checked in distributions.
After install - recompile kernel for IPFIREWALL_FORWARD support (mainly):

# Local additions
options         IPFIREWALL              #firewall
options         IPFIREWALL_VERBOSE      #enable logging to syslogd(8)
options         IPFIREWALL_VERBOSE_LIMIT=1000   #limit verbosity
options         IPFIREWALL_FORWARD      #packet destination changes
options         IPDIVERT                #divert sockets
options         IPSTEALTH               #support for stealth forwarding
options         DUMMYNET
device          carp

And make kernel KERNCONF=MYKERNEL

reboot and configure network and firewall:

ifconfig em0 inet 10.10.0.2  netmask 255.255.255.0
ifconfig em0 alias inet 10.0.0.3 netmask 255.255.255.255
ifconfig gre0 create
ifconfig gre0 inet 192.168.0.2 192.168.0.1 tunnel 10.0.0.2 10.0.0.1 netmask
255.255.255.252 link1 up

ipfw add 00100 fwd 192.168.0.1 icmp from 10.0.0.3 to any out via em0
ipfw add 00200 fwd 192.168.0.1 tcp from 10.0.0.3 80 to any out via em0
ipfw add 00300 fwd 192.168.0.1 tcp from 10.0.0.3 443 to any out via em0
ipfw add 00400 allow ip from any to any

At that moment you can check icmp ping from 10.0.0.1 10.0.0.3 and ipfw show
to view that ipfw fwd counters are working.

Next we need to have some tcp service. I used apache2.
So in port /usr/ports/www/apache20 make install clean.
apache20_enable="YES" in rc.conf
In /usr/local/etc/apache2/httpd.conf:
edit "Listen 80" to "Listen 10.0.0.3:80 <http://10.0.0.3/>"
and add virtual host with 10kb index.html

NameVirtualHost 10.0.0.3:80 <http://10.0.0.3/>;
<Virtualhost 10.0.0.3:80 <http://10.0.0.3/>>;
   DocumentRoot /usr/local/www/test
</Virtualhost>

mkdir /usr/local/www/test
dd if=/dev/random of=/usr/local/www/test/index.html bc=10k count=1

/usr/local/etc/rc.d/apache2 start

At that moment everything ready to panic :)
>From first machine i'm trying lynx http://10.0.0.3/

On second machine I see kernel panic.

When I was testing - I got no panic at first time. So I generated apache ssl
certs and adited ssl.conf. But next time I made same configuration - not
only 443, but 80 port connection made kernel panic too.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?i2t44d4913e1004220135jac5d360akef6e2a53a512d404>