Date: Thu, 22 Jun 2000 19:17:12 -0400 (EDT)
From: mi@privatelabs.com
To: stable@freebsd.org
Cc: luigi@iet.unipi.it
Subject: ouch: setting net.link.ether.bridge_ipfw to 1 causes a panic
Message-ID: <200006222317.TAA08981@misha.privatelabs.com>

Hello!

We had the box acting as the bridging firewall sitting in between our
DSL router and the rest of the network. The machine has three physical
interfaces (dc-driver):

The first one, the dc0 does not even have an IP of its own -- it
connects directly to the DSL router. dc2 connects to the local network
(/27) and the dc1 is for the internal experimental network.

This setup ran fine since I put it together in April with 4.0-STABLE as
of April 27. Two days ago I decided to upgrade it to the latest -stable
and now the new kernel panics right after putting up the login prompt :(

I narrowed this down -- the following commands were in my /etc/rc.local
since the end of April and removing the commented out one prevents the
panics:

	sysctl -w net.link.ether.bridge_cfg=dc0:1,dc1:0,dc2:1
	sysctl -w net.link.ether.bridge=1
	#sysctl -w net.link.ether.bridge_ipfw=1
	sysctl -w net.link.ether.bridge_ipfw_drop=0
	sysctl -w net.link.ether.bridge_ipfw_collisions=0

Unfortunately, it also allows access to our internal hosts :(

I'm also noticing, that even though I don't want the bridging of dc1, it
is put into the promiscuous mode anyway. What's wrong? Thanks,

	-mi