From owner-freebsd-security Mon Sep 18 14:22:16 2000 Delivered-To: freebsd-security@freebsd.org Received: from kronus.com.br (dial-bhn-C8C0B488.bhz.zaz.com.br [200.192.180.136]) by hub.freebsd.org (Postfix) with SMTP id 56E8D37B423 for ; Mon, 18 Sep 2000 14:22:07 -0700 (PDT) Received: (qmail 1107 invoked by uid 1000); 18 Sep 2000 21:26:29 -0000 Date: Mon, 18 Sep 2000 18:26:29 -0300 From: Fred Souza To: Alfred Perlstein Cc: Bosko Milekic , security@FreeBSD.ORG Subject: Re: Panic when receiving packets with invalid versions Message-ID: <20000918182629.A1082@torment.secfreak.com> References: <20000918115643.A470@torment.secfreak.com> <20000918171214.A269@torment.secfreak.com> <20000918131517.I15156@fw.wintelcom.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Your message of "Mon, Sep 18 2000 13:15:17 -0700" <20000918131517.I15156@fw.wintelcom.net> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > So close! :) Whoa! Luck? :) > You don't want to do 'up 10' you want to go 'up' until you hit the > frame above 'trap' which is 'ip_natout', that's where you want to > do your 'list' and 'print' of some of the variables that appear. Ok, thanks a lot. I'll surely remember that next time I need to debug the kernel (or anything else). > you may also want to printout several variables by prefixing * to > them to get the structure contents. Ok. > This looks like it may be a bug in ipfilter. Absolutely right on that, sir! To be exact, the mistake was that I was loading NAT rules through interface ppp0 at boot-time. Once my box doesn't connect to the ISP at boot-time, that mapping maps to "nothing". Unloading the mapping when ppp0 is not active solved the problem. Thank you _very_much_ for your help. Peace, .cseg -- This is what you get when you meet someone who has spent most of his/her entire life, thinking. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message