From owner-freebsd-pf@FreeBSD.ORG  Tue Jun  5 12:41:29 2012
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 06801106564A;
	Tue,  5 Jun 2012 12:41:29 +0000 (UTC)
	(envelope-from Joerg.Pulz@frm2.tum.de)
Received: from mailhost.frm2.tum.de (mailhost.frm2.tum.de [129.187.179.12])
	by mx1.freebsd.org (Postfix) with ESMTP id 6772A8FC16;
	Tue,  5 Jun 2012 12:41:28 +0000 (UTC)
Received: from mailhost.frm2.tum.de (localhost [127.0.0.1])
	by mailhost.frm2.tum.de (8.14.4/8.14.4) with ESMTP id q55CfOAG008519;
	Tue, 5 Jun 2012 14:41:24 +0200 (CEST)
	(envelope-from Joerg.Pulz@frm2.tum.de)
X-Virus-Scanned: at mailhost.frm2.tum.de
Received: from hades.admin.frm2 (hades.admin.frm2 [172.25.1.10])
	(authenticated bits=0)
	by mailhost.frm2.tum.de (8.14.4/8.14.4) with ESMTP id q55CfNNM008515
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
	Tue, 5 Jun 2012 14:41:23 +0200 (CEST)
	(envelope-from Joerg.Pulz@frm2.tum.de)
Date: Tue, 5 Jun 2012 14:41:20 +0200 (CEST)
From: Joerg Pulz <Joerg.Pulz@frm2.tum.de>
To: Daniel Hartmeier <daniel@benzedrine.cx>
In-Reply-To: <alpine.BSF.2.00.1206050845350.89783@unqrf.nqzva.sez2>
Message-ID: <alpine.BSF.2.00.1206051436250.89783@unqrf.nqzva.sez2>
References: <201205271830.q4RIU9fA039893@freefall.freebsd.org>
	<20120529064910.GA12508@insomnia.benzedrine.cx>
	<alpine.BSF.2.00.1206011015290.89783@unqrf.nqzva.sez2>
	<20120604065344.GA13069@insomnia.benzedrine.cx>
	<20120604100829.GB13069@insomnia.benzedrine.cx>
	<20120604102544.GC13069@insomnia.benzedrine.cx>
	<alpine.BSF.2.00.1206050845350.89783@unqrf.nqzva.sez2>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.6
	(mailhost.frm2.tum.de [129.187.179.12]);
	Tue, 05 Jun 2012 14:41:23 +0200 (CEST)
Cc: bug-followup@freebsd.org, freebsd-pf@freebsd.org
Subject: Re: kern/168190: [pf] panic when using pf and route-to (maybe: bad
 fragment handling?)
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jun 2012 12:41:29 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Tue, 5 Jun 2012, Joerg Pulz wrote:

> On Mon, 4 Jun 2012, Daniel Hartmeier wrote:
>
>> Here's a patch that directly tests this theory.
>> 
>> If correct, it will replace the panics with simple log messages that
>> show when ipfilter left an m_len==0 mbuf.
>
> Daniel,
>
> seems that your patch fixed it.
> I've seen the following log entry:
>
> Jun  5 02:15:33 charon kernel: fr_check_wrapper: m_len 0 fixed
>
> No panic and everything is running smooth.
> I will go and recompile the kernel with all the IPFIREWALL options
> reenabled to make sure that the byte ordering problem does not appear.
>
> I will report back.

Daniel,

as promised here is my report.

Your patch resolved all problems and panics.
I've seen two log entries since i reenabled all IPFIREWALL options.

Jun  5 14:07:19 charon kernel: fr_check_wrapper: m_len 0 fixed
Jun  5 14:07:19 charon kernel: fr_check_wrapper: m_len 0 fixed

No panics or other messages. Everything is running fine now.

Thanks again
Joerg

- -- 
The beginning is the most important part of the work.
 				-Plato
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)

iD8DBQFPzf5zSPOsGF+KA+MRAvC3AJsFAEf8axpmvfu3VPUiaFprhIT6KwCfSKMI
J1Ywq6NYvDeHHXiVjuWSRWw=
=k6q6
-----END PGP SIGNATURE-----