From owner-freebsd-pf@FreeBSD.ORG Fri May 25 07:30:17 2012 Return-Path: Delivered-To: freebsd-pf@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D80CA106564A for ; Fri, 25 May 2012 07:30:16 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 80A1D8FC08 for ; Fri, 25 May 2012 07:30:16 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q4P7UGYF006040 for ; Fri, 25 May 2012 07:30:16 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q4P7UGu0006036; Fri, 25 May 2012 07:30:16 GMT (envelope-from gnats) Date: Fri, 25 May 2012 07:30:16 GMT Message-Id: <201205250730.q4P7UGu0006036@freefall.freebsd.org> To: freebsd-pf@FreeBSD.org From: Joerg Pulz Cc: Subject: Re: kern/168190: [pf] panic when using pf and route-to (maybe: bad fragment handling?) X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Joerg Pulz List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 May 2012 07:30:17 -0000 The following reply was made to PR kern/168190; it has been noted by GNATS. From: Joerg Pulz To: Daniel Hartmeier Cc: bug-followup@freebsd.org, freebsd-pf@freebsd.org Subject: Re: kern/168190: [pf] panic when using pf and route-to (maybe: bad fragment handling?) Date: Fri, 25 May 2012 09:25:38 +0200 (CEST) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 24 May 2012, Joerg Pulz wrote: > Daniel, > > exactly, ipfw was enabled with the above kernel options but not configured > to filter or do anything but the DEFAULT_TO_ACCEPT. > I've rebuilt the kernel without IPFIREWALL options. The system is running > now for about three and a half hours. > Time will show if this solved our problem. > I'm still wondering why these panics showed up in irregular unreproducable > intervals. > > Thanks for writing to the ipfw list. I'm really interested in tracking > this further down to fix it forever, so nobody will stumble over it again. > > Thanks for all your help. Feel free to contact me if you have new ideas or > things i should try. Daniel, the system is still running without panic, but i found the following log entries from last night: May 24 23:28:57 charon kernel: pf_route: m0->m_len < sizeof(struct ip) May 24 23:28:57 charon kernel: pf_route: m0->m_len < sizeof(struct ip) Do you think that this may be related to the panics? I've found this error message two times in contrib/pf/net/pf.c. I can't say which of them or both have printed the message. Kind regards Joerg - -- The beginning is the most important part of the work. -Plato -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iD8DBQFPvzP1SPOsGF+KA+MRAngoAJ4wk4PSjEtYvpCak2H8Qze8GaUbfwCgg2dq 2sQgy+3qWttRKxCj/WctPvY= =ejhQ -----END PGP SIGNATURE-----