From owner-freebsd-pf@FreeBSD.ORG  Tue Jun  5 06:49:02 2012
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id D961E1065673;
	Tue,  5 Jun 2012 06:49:02 +0000 (UTC)
	(envelope-from Joerg.Pulz@frm2.tum.de)
Received: from mailhost.frm2.tum.de (mailhost.frm2.tum.de [129.187.179.12])
	by mx1.freebsd.org (Postfix) with ESMTP id 656638FC15;
	Tue,  5 Jun 2012 06:49:02 +0000 (UTC)
Received: from mailhost.frm2.tum.de (localhost [127.0.0.1])
	by mailhost.frm2.tum.de (8.14.4/8.14.4) with ESMTP id q556mrN6092391;
	Tue, 5 Jun 2012 08:48:53 +0200 (CEST)
	(envelope-from Joerg.Pulz@frm2.tum.de)
X-Virus-Scanned: at mailhost.frm2.tum.de
Received: from hades.admin.frm2 (hades.admin.frm2 [172.25.1.10])
	(authenticated bits=0)
	by mailhost.frm2.tum.de (8.14.4/8.14.4) with ESMTP id q556mpKt092384
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
	Tue, 5 Jun 2012 08:48:51 +0200 (CEST)
	(envelope-from Joerg.Pulz@frm2.tum.de)
Date: Tue, 5 Jun 2012 08:48:48 +0200 (CEST)
From: Joerg Pulz <Joerg.Pulz@frm2.tum.de>
To: Daniel Hartmeier <daniel@benzedrine.cx>
In-Reply-To: <20120604102544.GC13069@insomnia.benzedrine.cx>
Message-ID: <alpine.BSF.2.00.1206050845350.89783@unqrf.nqzva.sez2>
References: <201205271830.q4RIU9fA039893@freefall.freebsd.org>
	<20120529064910.GA12508@insomnia.benzedrine.cx>
	<alpine.BSF.2.00.1206011015290.89783@unqrf.nqzva.sez2>
	<20120604065344.GA13069@insomnia.benzedrine.cx>
	<20120604100829.GB13069@insomnia.benzedrine.cx>
	<20120604102544.GC13069@insomnia.benzedrine.cx>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.6
	(mailhost.frm2.tum.de [129.187.179.12]);
	Tue, 05 Jun 2012 08:48:52 +0200 (CEST)
Cc: bug-followup@freebsd.org, freebsd-pf@freebsd.org
Subject: Re: kern/168190: [pf] panic when using pf and route-to (maybe: bad
 fragment handling?)
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jun 2012 06:49:02 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Mon, 4 Jun 2012, Daniel Hartmeier wrote:

> Here's a patch that directly tests this theory.
>
> If correct, it will replace the panics with simple log messages that
> show when ipfilter left an m_len==0 mbuf.

Daniel,

seems that your patch fixed it.
I've seen the following log entry:

Jun  5 02:15:33 charon kernel: fr_check_wrapper: m_len 0 fixed

No panic and everything is running smooth.
I will go and recompile the kernel with all the IPFIREWALL options 
reenabled to make sure that the byte ordering problem does not appear.

I will report back.

Thanks for your help.
Joerg

- -- 
The beginning is the most important part of the work.
 				-Plato
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)

iD8DBQFPzavTSPOsGF+KA+MRArY+AJ43yqTeJ6hb+uCM7xZ8FWTztCz69ACgg1Wx
yVCCuNUO0ipvlbPwa0jzZjM=
=MGzr
-----END PGP SIGNATURE-----