From owner-freebsd-pf@FreeBSD.ORG Thu Sep 16 03:53:47 2004 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 674) id DDC8C16A4CF; Thu, 16 Sep 2004 03:53:47 +0000 (GMT) Delivered-To: mlaier@vampire.homelinux.org Received: (qmail 18588 invoked by uid 1005); 5 Oct 2003 15:36:24 -0000 Delivered-To: max@vampire.homelinux.org Received: (qmail 18581 invoked from network); 5 Oct 2003 15:36:24 -0000 Received: from moutng.kundenserver.de (212.227.126.189) by p50839ebc.dip.t-dialin.net with SMTP; 5 Oct 2003 15:36:24 -0000 Received: from [212.227.126.211] (helo=mxng15.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1A6AtE-00065s-00 for max@vampire.homelinux.org; Sun, 05 Oct 2003 17:33:44 +0200 Received: from [206.53.239.180] (helo=turing.freelists.org) by mxng15.kundenserver.de with esmtp (Exim 3.35 #1) id 1A6AtC-0003rb-00 for max@love2party.net; Sun, 05 Oct 2003 17:33:42 +0200 Received: from turing (localhost [127.0.0.1])ESMTP id 1417A3908D9; Sun, 5 Oct 2003 10:28:24 -0500 (EST) Received: with ECARTIS (v1.0.0; list pf4freebsd); Sun, 05 Oct 2003 10:28:18 -0500 (EST) X-Original-To: pf4freebsd@freelists.org Delivered-To: pf4freebsd@freelists.org Received: from smtp.netcabo.pt (smtp.netcabo.pt [212.113.174.9]) ESMTP id 756253908AB for ; Sun, 5 Oct 2003 10:28:17 -0500 (EST) Received: from dequim.ist.utl.pt ([213.22.171.17]) by smtp.netcabo.pt with Microsoft SMTPSVC(5.0.2195.5329); Sun, 5 Oct 2003 16:28:26 +0100 Message-ID: <3F803A15.9060405@dequim.ist.utl.pt> From: Bruno Afonso User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5b) Gecko/20030901 Thunderbird/0.2 X-Accept-Language: en-us, en MIME-Version: 1.0 To: pf4freebsd@freelists.org References: <1065107810.3f7c4162b252a@mrna.ist.utl.pt> <19920876018.20031002175427@love2party.net> <3F7CB204.9030506@dequim.ist.utl.pt> <20031003075152.GA16760@kt-is.co.kr> In-Reply-To: <20031003075152.GA16760@kt-is.co.kr> Content-type: text/plain; charset=us-ascii X-OriginalArrivalTime: 05 Oct 2003 15:28:26.0952 (UTC) FILETIME=[52864C80:01C38B55] X-archive-position: 185 X-ecartis-version: Ecartis v1.0.0 Sender: pf4freebsd-bounce@freelists.org Errors-To: pf4freebsd-bounce@freelists.org X-original-sender: brunomiguel@dequim.ist.utl.pt Precedence: normal X-list: pf4freebsd Content-Transfer-Encoding: quoted-printable X-UID: 300 X-Length: 4600 X-Mailman-Approved-At: Thu, 16 Sep 2004 03:55:52 +0000 Subject: [pf4freebsd] Re: pf errors meaning X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: pf4freebsd@freelists.org List-Id: Technical discussion and general questions about packet filter (pf) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Thu, 16 Sep 2004 03:53:48 -0000 X-Original-Date: Sun, 05 Oct 2003 16:34:45 +0100 X-List-Received-Date: Thu, 16 Sep 2004 03:53:48 -0000 Pyun YongHyeon wrote: > You can see the offending function _fget() in /sys/kern/kern_descrip.c. > I believe this error is not related with FreeBSD pf. > However, you don't have traces so I can't sure that. yes :-( > Did you have two kernel modules in your system?(/boot/kernel and > /usr/local/modules) Did you patch your kernel after installing > FreeBSD pf? Can you tell me the exact procure you used while loading > and unloading pf? Can you post your rule file and comment on your > network setup? Did your rule file have table rules? Only have one model. I used stock kernel from releng_5_1 with only some options added. :-) I'm using a port based rc.d script... I only changed the file paths. I use tables... I have a 10.10.0.0/20 table, and some other tables=20 collecting a lot of /24 and /22 networks. I have also removed one synproxy rule I had for http... Since I had=20 problems with it in the past, I removed it once again. (re-introduced it=20 when installing 1.66) > No. It does not necessarily mean FreeBSD pf is error free. There > might be bugs creeping through pf module. I have had no more panics since I removed the synproxy rule and disabled=20 dnscache. But this is irrelevant as we can't really know what caused the=20 panics. :-( I never heard anyone having dnscache panics, so I found that *odd*. > > the break into ddb as I can't afford the box down for a couple hours= :-( > > Unfortunately, someone pressed the restart button before I could get= to=20 > > ddb via serial console... > >=20 > You dont't have to let the box down for a while. At least, we need a > trace report to identify the problem. At DDB propmt you can invoke > 'trace' command and write down the output. If you have enabled kernel > debugging options, you may get valuable crash dump file. This is the > most perferrable one. I'm not working full time, this is a college and I'm a poor student=20 being explored. :-) I am going to look into crash dumps. take care, BA