Date:      Thu, 5 Dec 2002 00:55:12 -0500
From:      "Ilya" <mail@krel.org>
To:        <freebsd-ipfw@freebsd.org>
Subject:   ipfw2 crashes
Message-ID:  <00d701c29c22$e04bcb80$0100a8c0@ilya>
References:  <3DEE16D7.1020706@northnetworks.ca> <3DEE39C3.5040704@northnetworks.ca> <000901c29bbb$7bb4a0a0$4635a8c0@sloniki> <3DEE6D69.1080504@northnetworks.ca>

[-- Attachment #1 --]
I have tried ipfw2 and it core dumps on my box.
I saw these errors during boot:
ipfw: size mismatch (have 176 want 16420)
ipfw: size mismatch (have 176 want 48)
ipfw: size mismatch (have 176 want 48)
ipfw: size mismatch (have 176 want 48)
ipfw: size mismatch (have 176 want 48)
ipfw: size mismatch (have 176 want 48)
ipfw: size mismatch (have 176 want 48)


I can't gdb the core file, so it is attached (it's very small), hope it will
help.
4.7 stable


here is the ruleset:

#Flush rules
ipfw -f flush
ipfw -f zero
ipfw -f resetlog

#Natd
ipfw add divert natd all from any to any via $DIF
ipfw add check-state

#       Allow any traffic from local network to any passing through the
#       internal interface
ipfw add allow ip from $LAN to any keep-state via $LIF
ipfw add allow ip from $LAN to any keep-state via $LIF
#ipfw add allow ip from $LAN to any via $LIF
ipfw add allow ip from $ALCHEMISTRY to any keep-state via $DIF
ipfw add allow ip from $IPC to any keep-state via $CIF

#Allow incoming requests to reach the following services:
ipfw add allow tcp from any to $ALCHEMISTRY 22,25,80 setup keep-state via $DIF
ipfw add check-state

#       Allow DNS traffic from internet to query your DNS (for reverse
#       lookups etc).
ipfw add allow udp from any 53 to $ALCHEMISTRY 53 via $DIF
ipfw add allow udp from any 1024-65535 to $ALCHEMISTRY 53 via $DIF
ipfw add allow udp from any 53 to $RUMATA 53 via $DIF
ipfw add allow udp from any 1024-65535 to $RUMATA 53 via $DIF
ipfw add allow udp from any 53 to $ALCHEMISTRY 1024-65535 via $DIF
ipfw add allow udp from any 53 to $RUMATA 1024-65535 via $DIF

#       Allow required ICMP
ipfw add allow icmp from any to any icmptypes 3,4,11,12

#httptunel from work
#ipfw add allow tcp from any to $RUMATA 443 setup via $DIF


#LOCAL
ipfw add pass all from any to any via lo0
ipfw add deny log all from any to 127.0.0.0/8

#ipfw add deny log tcp from any to any in via fxp0 established
#ipfw add deny log ip from any to any in recv fxp0 frag

#ipfw add deny log ip from $LAN to any in via $CIF
#ipfw add deny log ip from $LAN to any in via $DIF
#ipfw add deny log ip from not $LAN to any in via $CIF
#ipfw add deny log ip from not $LAN to any in via $DIF

#       Stop private networks (RFC1918) from entering the outside interface.
ipfw add deny log ip from 192.168.0.0/16 to any in via $CIF
ipfw add deny log ip from 192.168.0.0/16 to any in via $DIF
ipfw add deny log ip from 172.16.0.0/12 to any in via $CIF
ipfw add deny log ip from 172.16.0.0/12 to any in via $DIF

ipfw add deny log ip from 10.0.0.0/8 to any in via $CIF
ipfw add deny log ip from 10.0.0.0/8 to any in via $DIF
ipfw add deny log ip from any to 192.168.0.0/16 in via $CIF
ipfw add deny log ip from any to 192.168.0.0/16 in via $DIF
ipfw add deny log ip from any to 172.16.0.0/12 in via $CIF
ipfw add deny log ip from any to 172.16.0.0/12 in via $DIF
ipfw add deny log ip from any to 10.0.0.0/8 in via $CIF
ipfw add deny log ip from any to 10.0.0.0/8 in via $DIF
ipfw add deny ip from 212.9.233.50 to any in via $CIF
ipfw add deny ip from 212.9.233.50 to any in via $DIF

#       Stop draft-manning-dsua-01.txt nets on the outside interface
ipfw add deny log all from 0.0.0.0/8 to any in via $CIF
ipfw add deny log all from 0.0.0.0/8 to any in via $DIF
ipfw add deny log all from 169.254.0.0/16 to any in via $CIF
ipfw add deny log all from 169.254.0.0/16 to any in via $DIF
ipfw add deny log all from 192.0.2.0/24 to any in via $CIF
ipfw add deny log all from 192.0.2.0/24 to any in via $DIF
ipfw add deny log all from 224.0.0.0/4 to any in via $CIF
ipfw add deny log all from 224.0.0.0/4 to any in via $DIF
ipfw add deny log all from 240.0.0.0/4 to any in via $CIF
ipfw add deny log all from 240.0.0.0/4 to any in via $DIF
ipfw add deny log all from any to 0.0.0.0/8 in via $CIF
ipfw add deny log all from any to 0.0.0.0/8 in via $DIF
ipfw add deny log all from any to 169.254.0.0/16 in via $CIF
ipfw add deny log all from any to 169.254.0.0/16 in via $DIF
ipfw add deny log all from any to 192.0.2.0/24 in via $CIF
ipfw add deny log all from any to 192.0.2.0/24 in via $DIF
ipfw add deny log all from any to 224.0.0.0/4 in via $CIF
ipfw add deny log all from any to 224.0.0.0/4 in via $DIF
ipfw add deny log all from any to 240.0.0.0/4 in via $CIF
ipfw add deny log all from any to 240.0.0.0/4 in via $DIF

#       Allow all established connections to persist (setup required
#       for new connections).
ipfw add allow tcp from any to any established

#Deny Everything else
ipfw add 65534 deny log ip from any to any via $CIF in
ipfw add 65534 deny log ip from any to any via $DIF in

[-- Attachment #2 --]
ipfw.core