From owner-freebsd-questions  Tue Jan  8 18:56:39 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mail.gmx.net (mail.gmx.net [213.165.64.20])
	by hub.freebsd.org (Postfix) with SMTP id 3A69D37B404
	for <freebsd-questions@freebsd.org>; Tue,  8 Jan 2002 18:56:33 -0800 (PST)
Received: (qmail 30221 invoked by uid 0); 9 Jan 2002 02:56:30 -0000
Received: from 252.catv54.lgt01.lan.ch (HELO schleppi.gmx.net) (212.60.54.252)
  by mail.gmx.net (mp013-rz3) with SMTP; 9 Jan 2002 02:56:30 -0000
Message-Id: <5.1.0.14.0.20020109035110.00a37ec0@imap-oen.fhso.ch>
X-Sender: turbo23@gmx.net@mail.gmx.net (Unverified)
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Wed, 09 Jan 2002 03:56:17 +0100
To: freebsd-questions@freebsd.org
From: turbo <turbo23@gmx.net>
Subject: bug in trafcount?
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Hello

I've used  trafcount 0.2.1 kernel module from the ports 
(usr/local/net/trafcount). It worked for me for several weeks. But then I 
tried to make a security check on my system with nessusd.
During this test my system crashed immediately with a fatal trap 12. So i 
tried the scan without the loaded trafcount kernel module and it passed the 
scan without a crash. So I made several tests without the loaded trafcount 
kernel module and with the loaded kernel module. It crashed all the time 
with the loaded trafcount kernel module. It was tested without a firewall 
rule as an open system.

Perhaps someone can verify this. You can use this syntax below. It's the 
same syntax that nessus use for a the portscann

local# nmap -n -p 1-15000 -sS -sU -sR -O -f -I yourip

My system:
Kernel File:
options IPFIREWALL
options IPDIVERT
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=300
options IPDIVERT

No firewall rule set.

Freebsd 4.5prerelease cvsuped today
AMD Athlon 700mhz
768Mb ram
2x20gb
realtek 8139 ethernet card

regards
Thomas Vogt


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message