Date: Sun, 16 Oct 2005 12:06:33 -0400 (EDT) From: Bruce Walker <bmw@borderware.com> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/87521: using ipfilter "auth" keyword leads to kernel fault Message-ID: <20051016160633.EDB2A1703F@mxedge.home.wezel.com> Resent-Message-ID: <200510161610.j9GGAHie062011@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 87521
>Category: kern
>Synopsis: using ipfilter "auth" keyword leads to kernel fault
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Oct 16 16:10:17 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Bruce Walker
>Release: FreeBSD 6.0-BETA5 i386
>Organization:
Borderware Technologies Inc.
>Environment:
System: FreeBSD mxedge.home.wezel.com 6.0-BETA5 FreeBSD 6.0-BETA5 #0: Mon Sep 19 00:12:45 UTC 2005 root@x64.samsco.home:/usr/obj/usr/src/sys/GENERIC i386
System is a Portwell with three Realtek 10/100 interfaces.
Copyright (c) 1992-2005 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 6.0-BETA5 #0: Mon Sep 19 00:12:45 UTC 2005
root@x64.samsco.home:/usr/obj/usr/src/sys/GENERIC
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: VIA C3 Nehemiah+RNG (997.46-MHz 686-class CPU)
Origin = "CentaurHauls" Id = 0x693 Stepping = 3
Features=0x380b13d<FPU,DE,PSE,TSC,MSR,CX8,MTRR,PGE,CMOV,MMX,FXSR,SSE>
real memory = 260046848 (248 MB)
avail memory = 245014528 (233 MB)
npx0: [FAST]
npx0: <math processor> on motherboard
npx0: INT 16 interface
cpu0 on motherboard
pcib0: <Host to PCI bridge> pcibus 0 on motherboard
pir0: <PCI Interrupt Routing Table: 12 Entries> on motherboard
pci0: <PCI bus> on pcib0
agp0: <VIA 8601 (Apollo ProMedia/PLE133Ta) host to PCI bridge> mem 0xe0000000-0xe3ffffff at device 0.0 on pci0
pcib1: <PCI-PCI bridge> at device 1.0 on pci0
pci1: <PCI bus> on pcib1
pci1: <display, VGA> at device 0.0 (no driver attached)
isab0: <PCI-ISA bridge> at device 7.0 on pci0
isa0: <ISA bus> on isab0
atapci0: <VIA 82C686B UDMA100 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xd000-0xd00f at device 7.1 on pci0
ata0: <ATA channel 0> on atapci0
ata1: <ATA channel 1> on atapci0
uhci0: <VIA 83C572 USB controller> port 0xd400-0xd41f irq 10 at device 7.2 on pci0
uhci0: [GIANT-LOCKED]
usb0: <VIA 83C572 USB controller> on uhci0
usb0: USB revision 1.0
uhub0: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
pci0: <bridge> at device 7.4 (no driver attached)
re0: <RealTek 8139C+ 10/100BaseTX> port 0xdc00-0xdcff mem 0xe7000000-0xe70000ff irq 5 at device 9.0 on pci0
miibus0: <MII bus> on re0
rlphy0: <RealTek internal media interface> on miibus0
rlphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
re0: Ethernet address: 00:90:fb:04:5a:7e
re1: <RealTek 8139C+ 10/100BaseTX> port 0xe000-0xe0ff mem 0xe7001000-0xe70010ff irq 10 at device 10.0 on pci0
miibus1: <MII bus> on re1
rlphy1: <RealTek internal media interface> on miibus1
rlphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
re1: Ethernet address: 00:90:fb:04:5a:7d
re2: <RealTek 8139C+ 10/100BaseTX> port 0xe400-0xe4ff mem 0xe7002000-0xe70020ff irq 11 at device 11.0 on pci0
miibus2: <MII bus> on re2
rlphy2: <RealTek internal media interface> on miibus2
rlphy2: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
re2: Ethernet address: 00:90:fb:04:5a:7c
pmtimer0 on isa0
orm0: <ISA Option ROMs> at iomem 0xc0000-0xcbfff,0xcc000-0xcffff on isa0
atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
ppc0: parallel port not found.
sc0: <System console> at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
sio0: type 16550A
sio1 at port 0x2f8-0x2ff irq 3 on isa0
sio1: type 16550A
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
unknown: <PNP0303> can't assign resources (port)
unknown: <PNP0c01> can't assign resources (memory)
unknown: <PNP0c02> can't assign resources (memory)
unknown: <PNP0501> can't assign resources (port)
unknown: <PNP0501> can't assign resources (port)
uhub1: Mitsumi Electric Hub in Apple Extended USB Keyboard, class 9/0, rev 1.10/4.10, addr 2
uhub1: 3 ports with 2 removable, bus powered
ukbd0: Mitsumi Electric Apple Extended USB Keyboard, rev 1.10/4.10, addr 3, iclass 3/1
kbd1 at ukbd0
uhid0: Mitsumi Electric Apple Extended USB Keyboard, rev 1.10/4.10, addr 3, iclass 3/1
Timecounter "TSC" frequency 997463205 Hz quality 800
Timecounters tick every 1.000 msec
acd0: CDROM <ASUS CD-S400/A/V2.0S> at ata0-master UDMA33
ad2: 19077MB <IBM DJSA-220 JS4OAC2A> at ata1-master UDMA66
Trying to mount root from ufs:/dev/ad2s1a
IP Filter: v4.1.8 initialized. Default = pass all, Logging = enabled
re0: promiscuous mode enabled
re1: promiscuous mode enabled
>Description:
Attempting to use the ipfilter (ipf) "auth" filter match. With
that rule installed, if a packet matching that rule is received,
a kernel fault occurs. I am using the GENERIC installed kernel,
bridging module is installed, ipf is enabled.
I verified that general networking and bridging work fine,
and other ipf filter rules work fine too.
>How-To-Repeat:
[rc.conf]
ifconfig_re0="inet 192.168.131.3 netmask 255.255.255.0"
defaultrouter="192.168.131.5"
ipfilter_enable="YES"
ipmon_enable="YES"
[rc.local]
kldload -v bridge
sysctl -w net.link.ether.bridge.enable=1
sysctl -w net.link.ether.bridge.ipf=1
sysctl -w net.link.ether.bridge.config=re0,re1
[ipf.rules]
pass in from any to any
pass out from any to any
block return-icmp-as-dest(port-unr) in log on re0 proto tcp from any to any port = 23
auth in on re0 proto tcp from any to any port = 23 flags S keep state
Then try to telnet through (or to) the bridge.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051016160633.EDB2A1703F>