From owner-freebsd-stable@FreeBSD.ORG Wed Nov 10 16:59:41 2004 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9D10016A4CE for ; Wed, 10 Nov 2004 16:59:41 +0000 (GMT) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.206]) by mx1.FreeBSD.org (Postfix) with ESMTP id 25B0943D54 for ; Wed, 10 Nov 2004 16:59:41 +0000 (GMT) (envelope-from avleeuwen@gmail.com) Received: by rproxy.gmail.com with SMTP id 34so300859rns for ; Wed, 10 Nov 2004 08:59:40 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=ELYLbRns2cVDCoQxmI2+gi7Vzwps1y8FdegZ+19A29upEVzZEvJeoyuPHulqa+KuPsd7WTEDYH9duPm6Su3xvordO/doH1dPiJZ4rfPPtlx8n5bZ3Kr/jlcgRANfAzynXpSxp5rxIz6/Cm8IfoDUEDOnj571olvwbEZlldT+c/I= Received: by 10.38.179.47 with SMTP id b47mr815306rnf; Wed, 10 Nov 2004 08:59:40 -0800 (PST) Received: by 10.38.206.31 with HTTP; Wed, 10 Nov 2004 08:59:40 -0800 (PST) Message-ID: Date: Wed, 10 Nov 2004 17:59:40 +0100 From: Arjan Van Leeuwen To: Robert Watson In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: cc: freebsd-stable@freebsd.org Subject: Re: Panic in 5.3, related to network traffic X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Arjan Van Leeuwen List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Nov 2004 16:59:41 -0000 On Wed, 10 Nov 2004 17:53:28 +0100, Arjan Van Leeuwen wrote: > On Wed, 10 Nov 2004 16:42:01 +0000 (GMT), Robert Watson > > > wrote: > > > > On Wed, 10 Nov 2004, Arjan Van Leeuwen wrote: > > > > > > Could you send a copy of your dmesg? Could you also use gdb on a kernel > > > > with debug symbols or addr2line to convert the function+offsets in the > > > > trace to file and line number in the source? This is a NULL pointer > > > > dereference, so presumably somewhere there is a poor assumption about > > > > memory allocation or the like. > > > > > > dmesg is attached. > > > > Could you say a little about how ipfilter is being used on the box; would > > it be possible to test with it disabled? > > Sure. It's a very standard setup; I block all traffic by default. I > allow all traffic on the internal network (fxp0), I allow outgoing > traffic on the external network (rl0), and I allow only selected ports > as incoming traffic on rl0 (ssh, http, https, some other things I > need). I can send you the ruleset privately if you want me to. > > What might be interesting is that I also have ipfw enabled (with > default to accept), because I use dummynet for traffic shaping. > > I'll compile a new kernel without ipfilter tonight, and I'll mail you > the results as soon as possible. I forgot that I have a small problem then... emule won't work correctly, because I can't redirect the incoming requests to the right ip address without ipnat. I probably can't invoke the panic at all without ipnat. Do you have any suggestions on how to test this? Arjan > > > > > > > > Robert N M Watson FreeBSD Core Team, TrustedBSD Projects > > robert@fledge.watson.org Principal Research Scientist, McAfee Research > > > > >