cvs commit: src/sys/conf NOTES files src/sys/modules/ipfw_nat
Makefile src/sys/netinet ip_fw.h ip_fw2.c ip_fw_nat.c
Paolo Pisati
piso at freebsd.org
Sun Mar 9 20:16:30 UTC 2008
On Sun, Mar 09, 2008 at 02:16:45PM -0300, HM Eng.Prowip wrote:
> > Move ipfw's nat code into its own kld: ipfw_nat.
> >
> > Revision Changes Path
> > 1.1469 +1 -2 src/sys/conf/NOTES
> > 1.1272 +1 -0 src/sys/conf/files
> > 1.1 +8 -0 src/sys/modules/ipfw_nat/Makefile (new)
> > 1.112 +32 -0 src/sys/netinet/ip_fw.h
> > 1.182 +54 -552 src/sys/netinet/ip_fw2.c
> > 1.1 +646 -0 src/sys/netinet/ip_fw_nat.c (new)
> > _______________________________________________
>
>
>
> since this update I get constant
>
> Mar 9 14:06:27 gw kernel: ipfw: install_state: entry already present, done
> Mar 9 14:06:30 gw kernel: ipfw: install_state: entry already present, done
>
> in my log
> I do not use nat
>
> what does this mean?
uhm... i dont' see how this could happen:
ip_fw2::install_state()
q = lookup_dyn_rule_locked(&args->f_id, NULL, NULL);
if (q != NULL) { /* should never occur */
if (last_log != time_uptime) {
last_log = time_uptime;
printf("ipfw: %s: entry already present, done\n",
__func__);
}
IPFW_DYN_UNLOCK();
return (0);
}
show me your ipfw ruleset/kernel config and i'll try to reproduce it.
Is it possible to have access to that box?
--
bye,
P.
More information about the cvs-src
mailing list