Date: Fri, 16 Jan 2004 15:44:34 +0900 From: itojun@iijlab.net To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Cc: current@freebsd.org Subject: Re: [PATCH] IPSec fixes Message-ID: <20040116064434.22DF98C@coconut.itojun.org> In-Reply-To: bzeeb-lists's message of Fri, 16 Jan 2004 06:32:21 GMT. <Pine.BSF.4.53.0401160618440.66397@e0-0.zab2.int.zabbadoz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>On Fri, 16 Jan 2004, Jun-ichiro itojun Hagino wrote: > >Hi, > >> the problem i have with the patch is, i have never experienced the >> symptom with NetBSD. no panic at all, no funny "SPD entry go away >> when it has to stay" issue nor no "dangling pointer" issue. >> could you show me your script which panics your FreeBSD box? i will >> try that on NetBSD-current box here. > >don't have a shell script but do it on command line by hand. This gives >better logging to serial console when debugging what events occured >when. The basic idea is: > >1. have racoon startup at boot time >2. run setkey -f an_ipsec.conf > an_ipsec.conf: > spdflush; > spdadd ... > spdadd ... > spdadd ... > spdadd ... > ... >3. wait some short time (0-2 minutes) and perhaps do some traffic > I usually open a a ssh connection (no ipsec in that path) to my > directly connected syslog server, reattach a screen with some > tail -f on logfiles >4. repeat step 2 >5. do s.th. like check netstat -s -p ipsec or just wait some seconds >6. kill <pid of racoon> >7. count to ten and wait for the panic to come this does not help me repeat the symptom. could you cook up a shell script which panics your box? (if possible, only with setkey) itojun
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040116064434.22DF98C>