kern/168190: [pf] panic when using pf and route-to (maybe: bad
fragment handling?)
Joerg Pulz
Joerg.Pulz at frm2.tum.de
Tue Jun 5 06:49:02 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, 4 Jun 2012, Daniel Hartmeier wrote:
> Here's a patch that directly tests this theory.
>
> If correct, it will replace the panics with simple log messages that
> show when ipfilter left an m_len==0 mbuf.
Daniel,
seems that your patch fixed it.
I've seen the following log entry:
Jun 5 02:15:33 charon kernel: fr_check_wrapper: m_len 0 fixed
No panic and everything is running smooth.
I will go and recompile the kernel with all the IPFIREWALL options
reenabled to make sure that the byte ordering problem does not appear.
I will report back.
Thanks for your help.
Joerg
- --
The beginning is the most important part of the work.
-Plato
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)
iD8DBQFPzavTSPOsGF+KA+MRArY+AJ43yqTeJ6hb+uCM7xZ8FWTztCz69ACgg1Wx
yVCCuNUO0ipvlbPwa0jzZjM=
=MGzr
-----END PGP SIGNATURE-----
More information about the freebsd-pf
mailing list