From owner-freebsd-ipfw@freebsd.org  Sat May 15 07:24:51 2021
Return-Path: <owner-freebsd-ipfw@freebsd.org>
Delivered-To: freebsd-ipfw@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 83ACE63C94B
 for <freebsd-ipfw@mailman.nyi.freebsd.org>;
 Sat, 15 May 2021 07:24:51 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3])
 by mx1.freebsd.org (Postfix) with ESMTP id 4Fhxjv38zgz4t0h
 for <freebsd-ipfw@freebsd.org>; Sat, 15 May 2021 07:24:51 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: by mailman.nyi.freebsd.org (Postfix)
 id 6ACEF63CB3B; Sat, 15 May 2021 07:24:51 +0000 (UTC)
Delivered-To: ipfw@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6A96063CBA9
 for <ipfw@mailman.nyi.freebsd.org>; Sat, 15 May 2021 07:24:51 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4Fhxjv2F2fz4t0g
 for <ipfw@FreeBSD.org>; Sat, 15 May 2021 07:24:51 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2610:1c1:1:606c::50:1d])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 35AED21730
 for <ipfw@FreeBSD.org>; Sat, 15 May 2021 07:24:51 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 14F7OpZI067953
 for <ipfw@FreeBSD.org>; Sat, 15 May 2021 07:24:51 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
 by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 14F7OpdJ067952
 for ipfw@FreeBSD.org; Sat, 15 May 2021 07:24:51 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to
 bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: ipfw@FreeBSD.org
Subject: [Bug 255775] panic with ipfw turned on at boot time
Date: Sat, 15 May 2021 07:24:51 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 13.0-STABLE
X-Bugzilla-Keywords: crash, ipfilter
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: michael@meiszl.de
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: ipfw@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-255775-8303-AOCdfDXnNB@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-255775-8303@https.bugs.freebsd.org/bugzilla/>
References: <bug-255775-8303@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw/>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 15 May 2021 07:24:51 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D255775

--- Comment #11 from Michael Meiszl <michael@meiszl.de> ---
after running for some days (with fw started manually) it crashed again
yesterday, but on a totally different function:
Unread portion of the kernel message buffer:
panic: Assertion stp->st_flags =3D=3D 0 failed at
/root/src/sys/kern/sys_generic.c:1942
cpuid =3D 1
time =3D 1620999784
KDB: stack backtrace:
#0 0xffffffff80c400e5 at kdb_backtrace+0x65
#1 0xffffffff80bf5be1 at vpanic+0x181
#2 0xffffffff80bf59b3 at panic+0x43
#3 0xffffffff80c63b20 at seltdfini+0xa0
#4 0xffffffff80bac8fa at exit1+0x49a
#5 0xffffffff80bbddda at kproc_exit+0xaa
#6 0xffffffff82b5116e at smb_iod_thread+0x37e
#7 0xffffffff80bb1f00 at fork_exit+0x80
#8 0xffffffff8105c6ae at fork_trampoline+0xe
Uptime: 2d2h27m29s

I guess this has nothing to do with the main issue, but it made me revert to
the original, unpatched 13.0 kernel for now.

My current approach is to start the fw with a combination of cron and at:

CronEntry: @reboot at -f /root/startfirewall now+3min

Startfirewall script:=20
#!/bin/sh
/usr/sbin/service ipfw onestart

totally simple, but it seems to work for now. I did not notice the panic
yesterday so the whole net ran without fw protection for almost a day. This=
 is
not acceptable. Cron+at limit the dangerous time after a panic or reboot to
3mins

--=20
You are receiving this mail because:
You are the assignee for the bug.=