From owner-freebsd-ipfw@FreeBSD.ORG Wed Jan 14 13:43:37 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6A4CA16A4CE for ; Wed, 14 Jan 2004 13:43:37 -0800 (PST) Received: from exchange.wan.no (exchange.wan.no [80.86.128.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id 112FD43D48 for ; Wed, 14 Jan 2004 13:43:35 -0800 (PST) (envelope-from sten.daniel.sorsdal@wan.no) Content-Class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 Date: Wed, 14 Jan 2004 22:43:16 +0100 Message-ID: <0AF1BBDF1218F14E9B4CCE414744E70F5D9781@exchange.wanglobal.net> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: 4.9 Release ipfw2 - OUCH using limit - reboots Thread-Index: AcPaz3DIDeIh2xv1RqmvZdvsJKYxawAFyy1g From: =?iso-8859-1?Q?Sten_Daniel_S=F8rsdal?= To: Subject: RE: 4.9 Release ipfw2 - OUCH using limit - reboots X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jan 2004 21:43:37 -0000 >=20 > fuc> Has anyone seen a problem using 4.9 release with IPFW2=20 > using limit=20 > fuc> causing crashes/reboots and 'OUCH! cannot remove rule,=20 > count 65535' > fuc> in the logfile? Or, does anyone see a problem with my logic. >=20 > fuc> sample use of limit seeming to cause the problem: > fuc> ipfw -q add 00182 allow log logamount 1000 tcp from any to=20 > fuc> 216.XX.XX.6 setup limit src-addr 3 in via xl1 >=20 > I can confirm the same on 4.9 with FreeBSD 4.8-RELEASE. My=20 > sysctl settings with dyn_buckets was default. Machine reboots=20 > on high amount of traffic. >=20 I had to remove all "limit" options after i noticed they get=20 created but not destroyed. Had to reboot (or in a few cases i=20 could reload module) to fix it. I dont know why this happens but i believe i read about a similar thing on 5.x so i chalked it up as another bug that will be fixed soon. I run FreeBSD 4.9-RELEASE and couple of 4.9-PRERELEASE. Both have this issue, as far as i remember. _// Sten Daniel S=F8rsdal