Date: Sun, 13 Mar 2005 02:08:23 +0100 From: Emanuel Strobl <emanuel.strobl@gmx.net> To: pyunyh@gmail.com Cc: pf@freebsd.org Subject: Re: pf panic trace Message-ID: <200503130208.28574@harrymail> In-Reply-To: <20050312050722.GC60892@kt-is.co.kr> References: <20050212061756.GF4769@kt-is.co.kr> <200503111712.36310@harrymail> <20050312050722.GC60892@kt-is.co.kr>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Am Samstag, 12. März 2005 06:07 schrieb Pyun YongHyeon: > On Fri, Mar 11, 2005 at 05:12:31PM +0100, Emanuel Strobl wrote: [...] > Hmm, Max and I had seen these kind of traces when pf porting > was in progress. But now I believe we fixed all possible > cases. > > I can't sure but your trace indicates there is a bug in > ip_fragment(). If a packet already set IP_MF flag in ip header, > we would get invalid ip_off in fragmented packet. > And it seems that there is another bug in pf. Since ip_fragment() > can change passed mbuf, we should not use saved copy of it. > Untested patch for CURRENT attached. Thank you very much for your work, unfortnately the box went in prodction (authoritive Nameserver, Multihomed-Router) last week, so I can't do very much testings because when nobody is in the office I can't reset the box, and if someone is there I can't take it down :( If the patch compiles on RELENG_5 I'll test it on monday evening. Thank you, -Harry [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQBCM5KMBylq0S4AzzwRAnhZAJ0ZoOivoKrYxKP4PjlJunC07mx87QCff7MG ZbQVyb4GvsqPn4C5RorAwos= =Cfdg -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200503130208.28574>