Date: Wed, 06 Jun 2012 04:36:24 +1000 From: Darren Reed <darrenr@freebsd.org> To: bsdbug@bospaling.nl Cc: freebsd-net@freebsd.org, freebsd-bugs@FreeBSD.org Subject: kern/167768: [ipfilter] Fatal trap in ipfilter/ipnat Message-ID: <4FCE51A8.1040703@freebsd.org>
next in thread | raw e-mail | index | archive | help
The problem is that you have a port range of 0 in an
ipnat.conf line. Quick solution is to ensure that all
ipnat.conf lines specify a range of ports of greater than 0.
Otherwise patch below applies.
Darren
--- /tmp/ip_nat.c.orig 2012-06-06 04:31:31.000000000 +1000
+++ /tmp/ip_nat.c 2012-06-06 04:31:41.000000000 +1000
@@ -2040,7 +2040,7 @@
port = np->in_pnext;
} else {
port = ipf_random() % (ntohs(np->in_pmax) -
- ntohs(np->in_pmin));
+ ntohs(np->in_pmin) +1);
port += ntohs(np->in_pmin);
}
port = htons(port);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FCE51A8.1040703>