Date: Tue, 29 Feb 2000 14:18:26 -0500 From: dan raz <raz@lucent.com> To: questions@freebsd.org, freebsd-ipfw@freebsd.org Cc: shavitt@lucent.com Subject: Re: Problems with divert/ipfw Message-ID: <38BC1B82.6C7B2273@lucent.com> References: <38BADE14.B200B010@lucent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
It seems that divert was disabled for some unknown reason. Here is the relevant lines from the /var/log/message file: Feb 29 11:06:38 heshvan /kernel: npx0 on motherboard Feb 29 11:06:38 heshvan /kernel: npx0: INT 16 interface Feb 29 11:06:38 heshvan /kernel: Intel Pentium detected, installing workaround for F00F bug Feb 29 11:06:38 heshvan /kernel: IP packet filtering initialized, divert enabled, rule-based forwarding enabled, unlimited logging Feb 29 11:06:38 heshvan /kernel: IP Filter: initialized. Default = pass all, Logging = disabled Feb 29 11:06:38 heshvan /kernel: changing root device to wd0s2a Feb 29 11:06:38 heshvan /kernel: IP packet filtering initialized, divert disabled, rule-based forwarding disabled, logging disabled Feb 29 11:06:48 heshvan mrouted[124]: mrouted version 3.9-beta3+IOS12 Note, that first divert is enabled, and then after mounting / IP packet filtering is reinitialize, but now divert is disabled. Any idea why this happens????? When we try single-user mode the second initialization of IP packet filtering does not happened. dan raz wrote: > > Hi, > > This problem seems to be related to an earlier posting by > Feiyi Wang which did not seem to be answered. > > We are using FreeBSD 3.2 with ipfw and divert. > > We have several machines that work fine, but in two of them (not at the same > time) we see the following phenomenon: > A counter for a divert ipfw rule is increased, but the program that listens > on the divert socket (with recvfrom) does not get any data. > > The odd thing is that these two machines worked perfectly well > for several months until they decided not to (of course, we did not change > the kernel, ipfw rules or the listening program). > Warm/cold reboot does not help. > Our guess is that some log file is full or conf file might be corrupted > but we could not find any. > > Any suggestions? > > -- > > Danny Raz Tel: 732-949-6712 > Room 4G-637 Fax: 732-949-0399 > Bell-Labs email: raz@dnrc.bell-labs.com > 101 Crawfords Corner Road > Holmdel, NJ 07733 - 3030 > WWW: http://www.cs.bell-labs.com/~raz -- Danny Raz Tel: 732-949-6712 Room 4G-637 Fax: 732-949-0399 Bell-Labs email: raz@dnrc.bell-labs.com 101 Crawfords Corner Road Holmdel, NJ 07733 - 3030 WWW: http://www.cs.bell-labs.com/~raz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38BC1B82.6C7B2273>