From owner-freebsd-ipfw Tue Feb 29 11:20:15 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from crufty.research.bell-labs.com (crufty.research.bell-labs.com [204.178.16.49]) by hub.freebsd.org (Postfix) with SMTP id 3D0D137BC2F; Tue, 29 Feb 2000 11:20:07 -0800 (PST) (envelope-from raz@lucent.com) Received: from chair.dnrc.bell-labs.com ([135.180.161.201]) by crufty; Tue Feb 29 14:18:21 EST 2000 Received: from lucent.com (razpc [135.180.160.74]) by chair.dnrc.bell-labs.com (8.9.3/8.9.3) with ESMTP id OAA01847; Tue, 29 Feb 2000 14:18:19 -0500 (EST) Message-ID: <38BC1B82.6C7B2273@lucent.com> Date: Tue, 29 Feb 2000 14:18:26 -0500 From: dan raz X-Mailer: Mozilla 4.61 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: questions@freebsd.org, freebsd-ipfw@freebsd.org Cc: shavitt@lucent.com Subject: Re: Problems with divert/ipfw References: <38BADE14.B200B010@lucent.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG It seems that divert was disabled for some unknown reason. Here is the relevant lines from the /var/log/message file: Feb 29 11:06:38 heshvan /kernel: npx0 on motherboard Feb 29 11:06:38 heshvan /kernel: npx0: INT 16 interface Feb 29 11:06:38 heshvan /kernel: Intel Pentium detected, installing workaround for F00F bug Feb 29 11:06:38 heshvan /kernel: IP packet filtering initialized, divert enabled, rule-based forwarding enabled, unlimited logging Feb 29 11:06:38 heshvan /kernel: IP Filter: initialized. Default = pass all, Logging = disabled Feb 29 11:06:38 heshvan /kernel: changing root device to wd0s2a Feb 29 11:06:38 heshvan /kernel: IP packet filtering initialized, divert disabled, rule-based forwarding disabled, logging disabled Feb 29 11:06:48 heshvan mrouted[124]: mrouted version 3.9-beta3+IOS12 Note, that first divert is enabled, and then after mounting / IP packet filtering is reinitialize, but now divert is disabled. Any idea why this happens????? When we try single-user mode the second initialization of IP packet filtering does not happened. dan raz wrote: > > Hi, > > This problem seems to be related to an earlier posting by > Feiyi Wang which did not seem to be answered. > > We are using FreeBSD 3.2 with ipfw and divert. > > We have several machines that work fine, but in two of them (not at the same > time) we see the following phenomenon: > A counter for a divert ipfw rule is increased, but the program that listens > on the divert socket (with recvfrom) does not get any data. > > The odd thing is that these two machines worked perfectly well > for several months until they decided not to (of course, we did not change > the kernel, ipfw rules or the listening program). > Warm/cold reboot does not help. > Our guess is that some log file is full or conf file might be corrupted > but we could not find any. > > Any suggestions? > > -- > > Danny Raz Tel: 732-949-6712 > Room 4G-637 Fax: 732-949-0399 > Bell-Labs email: raz@dnrc.bell-labs.com > 101 Crawfords Corner Road > Holmdel, NJ 07733 - 3030 > WWW: http://www.cs.bell-labs.com/~raz -- Danny Raz Tel: 732-949-6712 Room 4G-637 Fax: 732-949-0399 Bell-Labs email: raz@dnrc.bell-labs.com 101 Crawfords Corner Road Holmdel, NJ 07733 - 3030 WWW: http://www.cs.bell-labs.com/~raz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message