Date: Mon, 8 Apr 1996 21:52:32 +0200 (MET DST) From: Andreas Klemm <andreas@knobel.gun.de> To: current@FreeBSD.org Subject: Re: rc.firewall has some syntax errors and sample config hangs machine Message-ID: <Pine.BSF.3.92.960408214953.571A-100000@knobel.gun.de> In-Reply-To: <Pine.BSF.3.92.960408170210.210A-100000@knobel.gun.de>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE-----
On Mon, 8 Apr 1996, Andreas Klemm wrote:
Here again, this time with kgdb trace...
"panic: free: multiple frees"
This was my firewall config;
#! /bin/sh
/sbin/ipfw flush
# no restriction
# /sbin/ipfw add 65000 pass all from any to any
# Only in rare cases do you want to change this rule
/sbin/ipfw add 1000 pass all from 127.0.0.1 to 127.0.0.1
if true ; then
# set these to your outside interface network and netmask and ip
oif="tun0"
onet="192.109.159.0"
omask="255.255.255.0"
oip="192.109.159.141"
# set these to your inside interface network and netmask and ip
iif="ed0"
inet="149.237.250.0"
imask="255.255.255.0"
iip="149.237.250.1"
# Stop spoofing
/sbin/ipfw add deny all from ${inet}:${imask} to any via ${oif}
/sbin/ipfw add deny all from ${onet}:${omask} to any via ${iif}
# Stop RFC1918 nets on the outside interface
/sbin/ipfw add deny all from 192.168.0.0:255.255.0.0 to any via ${oif}
/sbin/ipfw add deny all from 172.16.0.0:255.240.0.0 to any via ${oif}
/sbin/ipfw add deny all from 10.0.0.0:255.0.0.0 to any via ${oif}
# Allow TCP through if setup succeeded
/sbin/ipfw add deny tcp from any to any established
# Allow setup of incoming email
/sbin/ipfw add pass tcp from any to ${oip} 25 setup
# Allow access to our DNS
/sbin/ipfw add pass tcp from any to ${oip} 53 setup
# Allow access to our WWW
/sbin/ipfw add pass tcp from any to ${oip} 80 setup
# Reject&Log all setup of incoming connections from the outside
/sbin/ipfw add deny log tcp from any to any via ${oif} setup
# Allow setup of any other TCP connection
/sbin/ipfw add pass tcp from any to any setup
# Allow DNS queries out in the world
/sbin/ipfw add pass udp from any 53 to ${oip}
/sbin/ipfw add pass udp from ${oip} to any 53
# Allow NTP queries out in the world
/sbin/ipfw add pass udp from any 123 to ${oip}
/sbin/ipfw add pass udp from ${oip} to any 123
# Everyting else is denied as default.
fi
IdlePTD a1f000
current pcb at 1d42c0
panic: free: multiple frees
#0 boot (howto=260) at ../../i386/i386/machdep.c:940
940 dumppcb.pcb_ptd = rcr3();
(kgdb) bt
#0 boot (howto=260) at ../../i386/i386/machdep.c:940
#1 0xf01188b7 in panic (fmt=0xf01011d8 "from debugger")
at ../../kern/subr_prf.c:133
#2 0xf01011f5 in db_panic (dummy1=-266856653, dummy2=0, dummy3=-1,
dummy4=0xefbffdf0 "") at ../../ddb/db_command.c:395
#3 0xf01010de in db_command (last_cmdp=0xf01bfb34, cmd_table=0xf01bf994)
at ../../ddb/db_command.c:288
#4 0xf010125d in db_command_loop () at ../../ddb/db_command.c:417
#5 0xf01035c8 in db_trap (type=3, code=0) at ../../ddb/db_trap.c:73
#6 0xf018150a in kdb_trap (type=3, code=0, regs=0xefbffeec)
at ../../i386/i386/db_interface.c:136
#7 0xf0188e3c in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = -266528644,
tf_esi = -267319602, tf_ebp = -272629968, tf_isp = -272629996,
tf_ebx = 256, tf_edx = -266856699, tf_ecx = 2000, tf_eax = 18,
tf_trapno = 3, tf_err = 0, tf_eip = -266856653, tf_cs = 8,
tf_eflags = 582, tf_esp = -266856715, tf_ss = -267286450})
at ../../i386/i386/trap.c:399
#8 0xf0181d81 in calltrap ()
#9 0xf01188ae in panic (fmt=0xf01106ce "free: multiple frees")
at ../../kern/subr_prf.c:129
#10 0xf01107af in free (addr=0xf1762380, type=1)
at ../../kern/kern_malloc.c:344
#11 0xf0125ab6 in m_freem (m=0xf1762300) at ../../kern/uipc_mbuf.c:245
- ---Type <return> to continue, or q <return> to quit---
#12 0xf0145684 in ip_input (m=0xf1762300) at ../../netinet/ip_input.c:435
#13 0xf01456f0 in ipintr () at ../../netinet/ip_input.c:453
#14 0xf018309d in swi_net_next ()
#15 0x821b in ?? ()
#16 0x8639 in ?? ()
#17 0x18f9 in ?? ()
#18 0xd19b in ?? ()
#19 0xc65d in ?? ()
#20 0x1096 in ?? ()
(kgdb) up 10
#10 0xf01107af in free (addr=0xf1762380, type=1)
at ../../kern/kern_malloc.c:344
344 panic("free: multiple frees");
(kgdb) list
339 #endif /* DIAGNOSTIC */
340 #ifdef KMEMSTATS
341 kup->ku_freecnt++;
342 if (kup->ku_freecnt >= kbp->kb_elmpercl)
343 if (kup->ku_freecnt > kbp->kb_elmpercl)
344 panic("free: multiple frees");
345 else if (kbp->kb_totalfree > kbp->kb_highwat)
346 kbp->kb_couldfree++;
347 kbp->kb_totalfree++;
348 ksp->ks_memuse -= size;
(kgdb) print kup->ku_freecnt
There is no member named ku_freecnt.
(kgdb) print kbp->kb_elmpercl
$1 = 32
Hope, this helps...
Andreas ///
- --
andreas@knobel.gun.de /\/\___ Wiechers & Partner Datentechnik GmbH
Andreas Klemm ___/\/\/ $$ Support Unix - aklemm@wup.de $$
pgp p-key http://www-swiss.ai.mit.edu/~bal/pks-toplev.html >>> powered by <<<
ftp://sunsite.unc.edu/pub/Linux/system/Printing/aps-491.tgz >>> FreeBSD <<<
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMWlugfMLpmkD/U+FAQEjZwP8DfZudd1vZcJoU5Z3tfduKpD4FGZzLF/R
E4poIzv6k7yqXZ85Eydp21UyUa++CcXJ4Dj96IODg/rxS/dvaBPjwz+0NwBb7oAd
SLEog6fiW+9QmjB4o1o/fj+DT6P/gVNNW+rIBE4eRYPQvI0468rsKkxMhVxfZv/A
7xmBPOECszc=
=5laC
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.92.960408214953.571A-100000>