Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 1 Jun 2012 13:30:05 GMT
From:      =?ISO-8859-1?Q?Ermal_Lu=E7i?= <eri@freebsd.org>
To:        freebsd-pf@FreeBSD.org
Subject:   Re: kern/168190: [pf] panic when using pf and route-to (maybe: bad fragment handling?)
Message-ID:  <201206011330.q51DU5WT070314@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/168190; it has been noted by GNATS.

From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= <eri@freebsd.org>
To: Joerg Pulz <Joerg.Pulz@frm2.tum.de>
Cc: Daniel Hartmeier <daniel@benzedrine.cx>, bug-followup@freebsd.org, freebsd-pf@freebsd.org
Subject: Re: kern/168190: [pf] panic when using pf and route-to (maybe: bad
 fragment handling?)
Date: Fri, 1 Jun 2012 15:21:09 +0200

 On Fri, Jun 1, 2012 at 10:25 AM, Joerg Pulz <Joerg.Pulz@frm2.tum.de> wrote:
 > -----BEGIN PGP SIGNED MESSAGE-----
 > Hash: SHA1
 >
 >
 > On Tue, 29 May 2012, Daniel Hartmeier wrote:
 >
 >> On Sun, May 27, 2012 at 06:30:09PM +0000, Joerg Pulz wrote:
 >>
 >>> =C2=A0i've seen 12 more "pf_route: m0->m_len < sizeof(struct ip)" messa=
 ges
 >>> since the system is running after adding your patch, but no panic.
 >>> =C2=A0Is there another place in the code where i can add an additional =
 check?
 >>
 >>
 >> Yes, the following patch adds more checks to pf.
 >
 >
 > Daniel,
 >
 > after several days waiting for a panic since i applied your new patch, it
 > finally happend last night.
 >
 > Below is the kgdb(1) output. I tried to print as much as possible to give
 > you the most informations.
 >
 > Hope this helps to find the cuase of the trouble or at least to get a bit
 > closer.
 >
 > #### kgdb.out_len
 >
 >
 > GNU gdb 6.1.1 [FreeBSD]
 > Copyright 2004 Free Software Foundation, Inc.
 > GDB is free software, covered by the GNU General Public License, and you =
 are
 > welcome to change it and/or distribute copies of it under certain
 > conditions.
 > Type "show copying" to see the conditions.
 > There is absolutely no warranty for GDB. =C2=A0Type "show warranty" for d=
 etails.
 > This GDB was configured as "amd64-marcel-freebsd"...
 >
 > Unread portion of the kernel message buffer:
 > panic: pf_test: 1: m->m_pkthdr.len 176, m->m_len 0
 >
 > cpuid =3D 1
 > KDB: stack backtrace:
 > db_trace_self_wrapper() at db_trace_self_wrapper+0x2a
 > kdb_backtrace() at kdb_backtrace+0x37
 > panic() at panic+0x182
 > pf_test() at pf_test+0x259
 > pf_check_out() at pf_check_out+0x71
 > pfil_run_hooks() at pfil_run_hooks+0x113
 >
 > ip_output() at ip_output+0x6de
 > ip_forward() at ip_forward+0x19e
 
 It is quite strange that you do not have a pfil_run_hooks() here as well!
 Maybe you are running ipsec, if so i would expect that to show in the trace=
 !?
 
 Can you describe the setup you have in more detail to understand what
 interactions are happening with the stack?
 
 > ip_input() at ip_input+0x680
 > swi_net() at swi_net+0x15a
 > intr_event_execute_handlers() at intr_event_execute_handlers+0x66
 > ithread_loop() at ithread_loop+0xaf
 > fork_exit() at fork_exit+0x12a
 > fork_trampoline() at fork_trampoline+0xe
 > - --- trap 0, rip =3D 0, rsp =3D 0xffffff8000241d00, rbp =3D 0 ---
 > KDB: enter: panic
 > Dumping 588 out of 4077 MB:..3%..11%..22%..33%..41%..52%..63%..71%..82%..=
 93%
 >
 >
 > Reading symbols from /boot/kernel/geom_mirror.ko...Reading symbols from
 > /boot/kernel/geom_mirror.ko.symbols...done.
 > done.
 > Loaded symbols for /boot/kernel/geom_mirror.ko
 > Reading symbols from /boot/kernel/ipmi.ko...Reading symbols from
 > /boot/kernel/ipmi.ko.symbols...done.
 > done.
 > Loaded symbols for /boot/kernel/ipmi.ko
 > #0 =C2=A0doadump (textdump=3D0) at pcpu.h:224
 > 224 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 __asm("movq %%gs:0,%0" : "=
 =3Dr" (td));
 > (kgdb) up 10
 > #10 0xffffffff80326737 in pf_test (dir=3D2, ifp=3D0xfffffe0003001800,
 > =C2=A0 =C2=A0m0=3D0xffffff80002418e8, eh=3D0x0, inp=3D0x0)
 > =C2=A0 =C2=A0at /usr/src/sys/contrib/pf/net/pf.c:6725
 > 6725 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
 =A0panic("pf_test: 1: m->m_pkthdr.len %d, m->m_len %d",
 > (kgdb) list
 > 6720 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
 =A0goto done;
 > 6721 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0}
 > 6722 6723 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (m->m_pkthd=
 r.len < sizeof(struct ip) ||
 > 6724 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0m->m_len < si=
 zeof(struct ip))
 > 6725 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
 =A0panic("pf_test: 1: m->m_pkthdr.len %d, m->m_len %d",
 > 6726 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
 =A0 =C2=A0 =C2=A0(int)m->m_pkthdr.len, (int)m->m_len);
 > 6727 6728 =C2=A0 =C2=A0 =C2=A0 #ifdef __FreeBSD__
 > 6729 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0if (m->m_flags & M_SKIP_FIR=
 EWALL) {
 > (kgdb) p *m
 > $1 =3D {m_hdr =3D {mh_next =3D 0xfffffe01671a0700, mh_nextpkt =3D 0x0,
 > =C2=A0 =C2=A0mh_data =3D 0xfffffe0064823774 "E", mh_len =3D 0, mh_flags =
 =3D 66, mh_type =3D 1,
 >
 > =C2=A0 =C2=A0pad =3D "=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E"}, M_dat =3D {=
 MH =3D {MH_pkthdr =3D {rcvif =3D 0xfffffe0003001800,
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0header =3D 0x0, len =3D 176, flowid =3D 0, csu=
 m_flags =3D 768,
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0csum_data =3D 16922, tso_segsz =3D 0, PH_vt =
 =3D {vt_vtag =3D 0, vt_nrecs =3D
 > 0},
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0tags =3D {slh_first =3D 0xfffffe00644820a0}}, =
 MH_dat =3D {MH_ext =3D {
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0ext_buf =3D 0x38200ec0045 <Address 0x38=
 200ec0045 out of bounds>,
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0ext_free =3D 0x38200b00045, ext_arg1 =
 =3D 0xd7d59754b1600478,
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0ext_arg2 =3D 0xb000004557b3bb81, ext_si=
 ze =3D 62620,
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0ref_cnt =3D 0x1b2a8c002079b0a, ext_type=
  =3D -1242365181},
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0MH_databuf =3D
 > "E\000=C4=97\000\202\003\000\000E\000=C2=B0\000\202\003\000\000x\004`=C4=
 =85T\227=C3=95=C5=A8\201=C5=A7=C4=A3WE\000\000=C2=B0\234=C3=B4\000\000\177\=
 001\031\022\n\233\a\002=C4=80=C4=BB=C4=93\001\003\003=C3=B3=C4=A9\000\000\0=
 00\000E\000\000\235&=C3=BC\000\000>\021=C5=85\r=C4=80=C4=BB=C4=93\001\n\233=
 \a\002\0005=C3=85A\000\211\203\016=C5=86\212\205\200\000\001\000\001\000\00=
 2\000\002=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=
 =C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=
 =9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=
 =C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=
 =9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=
 =C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E"}},
 > =C2=A0 =C2=A0M_databuf =3D
 > "\000\030\000\003\000=C3=BE=C4=B8=C4=B8\000\000\000\000\000\000\000\000=
 =C2=B0\000\000\000\000\000\000\000\000\003\000\000\032B\000\000\000\000\000=
 \000=C3=9E=C4=80=C2=AD=C3=9E
 > Hd\000=C3=BE=C4=B8=C4=B8E\000=C4=97\000\202\003\000\000E\000=C2=B0\000\20=
 2\003\000\000x\004`=C4=85T\227=C3=95=C5=A8\201=C5=A7=C4=A3WE\000\000=C2=B0\=
 234=C3=B4\000\000\177\001\031\022\n\233\a\002=C4=80=C4=BB=C4=93\001\003\003=
 =C3=B3=C4=A9\000\000\000\000E\000\000\235&=C3=BC\000\000>\021=C5=85\r=C4=80=
 =C4=BB=C4=93\001\n\233\a\002\0005=C3=85A\000\211\203\016=C5=86\212\205\200\=
 000\001\000\001\000\002\000\002=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=
 =C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=
 =9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=
 =C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=
 =9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E=C3=9E=C4=80=C2=AD=C3=9E"...}}
 > (kgdb) p *ifp
 > $2 =3D {if_softc =3D 0xffffff80007a9000, if_l2com =3D 0xfffffe000300b200,
 >
 > =C2=A0if_vnet =3D 0x0, if_link =3D {tqe_next =3D 0xfffffe0003002000,
 > =C2=A0 =C2=A0tqe_prev =3D 0xfffffe0003003818},
 > =C2=A0if_xname =3D "bge0", '\0' <repeats 11 times>,
 > =C2=A0if_dname =3D 0xfffffe00028f0758 "bge", if_dunit =3D 0, if_refcount =
 =3D 1,
 >
 > =C2=A0if_addrhead =3D {tqh_first =3D 0xfffffe000300a000,
 > =C2=A0 =C2=A0tqh_last =3D 0xfffffe0005a940b8}, if_pcount =3D 0, if_carp =
 =3D 0x0,
 > =C2=A0if_bpf =3D 0xfffffe0005062400, if_index =3D 5, if_index_reserved =
 =3D 0,
 >
 > =C2=A0if_vlantrunk =3D 0x0, if_flags =3D 34819, if_capabilities =3D 52444=
 3,
 > =C2=A0if_capenable =3D 524443, if_linkmib =3D 0x0, if_linkmiblen =3D 0, i=
 f_data =3D {
 > =C2=A0 =C2=A0ifi_type =3D 6 '\006', ifi_physical =3D 0 '\0', ifi_addrlen =
 =3D 6 '\006',
 > =C2=A0 =C2=A0ifi_hdrlen =3D 18 '\022', ifi_link_state =3D 2 '\002',
 > =C2=A0 =C2=A0ifi_spare_char1 =3D 0 '\0', ifi_spare_char2 =3D 0 '\0',
 > =C2=A0 =C2=A0ifi_datalen =3D 152 '\230', ifi_mtu =3D 1500, ifi_metric =3D=
  0,
 > =C2=A0 =C2=A0ifi_baudrate =3D 1000000000, ifi_ipackets =3D 4678659, ifi_i=
 errors =3D 0,
 > =C2=A0 =C2=A0ifi_opackets =3D 2594069, ifi_oerrors =3D 0, ifi_collisions =
 =3D 0,
 > =C2=A0 =C2=A0ifi_ibytes =3D 598927432, ifi_obytes =3D 2837994361, ifi_imc=
 asts =3D 2432290,
 >
 > =C2=A0 =C2=A0ifi_omcasts =3D 0, ifi_iqdrops =3D 0, ifi_noproto =3D 0, ifi=
 _hwassist =3D 3,
 > =C2=A0 =C2=A0ifi_epoch =3D 1, ifi_lastchange =3D {tv_sec =3D 1338284854, =
 tv_usec =3D 622823}},
 > =C2=A0if_multiaddrs =3D {tqh_first =3D 0xfffffe0005bdb080,
 > =C2=A0 =C2=A0tqh_last =3D 0xfffffe00058ff080}, if_amcount =3D 0,
 > =C2=A0if_output =3D 0xffffffff8073d2f5 <ether_output>,
 > =C2=A0if_input =3D 0xffffffff8073c8cb <ether_input>,
 > =C2=A0if_start =3D 0xffffffff803c2b67 <bge_start>,
 > =C2=A0if_ioctl =3D 0xffffffff803c8d9a <bge_ioctl>,
 > =C2=A0if_init =3D 0xffffffff803c8d54 <bge_init>,
 > =C2=A0if_resolvemulti =3D 0xffffffff8073c28d <ether_resolvemulti>,
 > =C2=A0if_qflush =3D 0xffffffff807350b2 <if_qflush>,
 > =C2=A0if_transmit =3D 0xffffffff80734f7e <if_transmit>, if_reassign =3D 0=
 ,
 >
 > =C2=A0if_home_vnet =3D 0x0, if_addr =3D 0xfffffe000300a000, if_llsoftc =
 =3D 0x0,
 > =C2=A0if_drv_flags =3D 64, if_snd =3D {ifq_head =3D 0x0, ifq_tail =3D 0x0=
 , ifq_len =3D 0,
 > =C2=A0 =C2=A0ifq_maxlen =3D 511, ifq_drops =3D 0, ifq_mtx =3D {lock_objec=
 t =3D {
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0lo_name =3D 0xfffffe0003001828 "bge0", lo_flag=
 s =3D 16973824, lo_data =3D
 > 0,
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0lo_witness =3D 0xffffff80006cf480}, mtx_lock =
 =3D 4}, ifq_drv_head =3D 0x0,
 > =C2=A0 =C2=A0ifq_drv_tail =3D 0x0, ifq_drv_len =3D 0, ifq_drv_maxlen =3D =
 511, altq_type =3D 0,
 > =C2=A0 =C2=A0altq_flags =3D 1, altq_disc =3D 0x0, altq_ifp =3D 0xfffffe00=
 03001800,
 > =C2=A0 =C2=A0altq_enqueue =3D 0, altq_dequeue =3D 0, altq_request =3D 0, =
 altq_clfier =3D 0x0,
 > =C2=A0 =C2=A0altq_classify =3D 0, altq_tbr =3D 0x0, altq_cdnr =3D 0x0},
 > =C2=A0if_broadcastaddr =3D 0xffffffff80ad06c0 "=C4=B8=C4=B8=C4=B8=C4=B8=
 =C4=B8=C4=B8", if_bridge =3D 0x0,
 >
 > =C2=A0if_label =3D 0x0, if_prefixhead =3D {tqh_first =3D 0x0,
 > =C2=A0 =C2=A0tqh_last =3D 0xfffffe0003001a78}, if_afdata =3D {0x0, 0x0,
 > 0xfffffe0005821a20,
 > =C2=A0 =C2=A00x0 <repeats 25 times>, 0xfffffe0005815940, 0x0, 0x0, 0x0, 0=
 x0, 0x0, 0x0,
 >
 > =C2=A0 =C2=A00x0, 0x0, 0x0}, if_afdata_initialized =3D 2, if_afdata_lock =
 =3D {
 > =C2=A0 =C2=A0lock_object =3D {lo_name =3D 0xffffffff80acf95a "if_afdata",
 >
 > =C2=A0 =C2=A0 =C2=A0lo_flags =3D 69402624, lo_data =3D 0, lo_witness =3D =
 0xffffff80006cf400},
 > =C2=A0 =C2=A0rw_lock =3D 1}, if_linktask =3D {ta_link =3D {stqe_next =3D =
 0x0}, ta_pending =3D 0,
 > =C2=A0 =C2=A0ta_priority =3D 0, ta_func =3D 0xffffffff80737559 <do_link_s=
 tate_change>,
 >
 > =C2=A0 =C2=A0ta_context =3D 0xfffffe0003001800}, if_addr_mtx =3D {lock_ob=
 ject =3D {
 > =C2=A0 =C2=A0 =C2=A0lo_name =3D 0xffffffff80ac1a20 "if_addr_mtx", lo_flag=
 s =3D 16973824,
 >
 > =C2=A0 =C2=A0 =C2=A0lo_data =3D 0, lo_witness =3D 0xffffff80006c8b80}, mt=
 x_lock =3D 4},
 > =C2=A0if_clones =3D {le_next =3D 0x0, le_prev =3D 0x0}, if_groups =3D {
 > =C2=A0 =C2=A0tqh_first =3D 0xfffffe0003007b20, tqh_last =3D 0xfffffe00030=
 07b28},
 > =C2=A0if_pf_kif =3D 0xfffffe0005888400, if_lagg =3D 0x0, if_description =
 =3D 0x0,
 >
 > =C2=A0if_fib =3D 0, if_alloctype =3D 6 '\006', if_cspare =3D "\000\000", =
 if_ispare =3D
 > {0,
 > =C2=A0 =C2=A00, 0, 0}, if_pspare =3D {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, =
 0x0}}
 > (kgdb) p pd
 > $3 =3D {lookup =3D {done =3D 0, uid =3D 0, gid =3D 0, pid =3D 0}, tot_len=
  =3D 0, hdr =3D {
 > =C2=A0 =C2=A0tcp =3D 0x0, udp =3D 0x0, icmp =3D 0x0, icmp6 =3D 0x0, any =
 =3D 0x0}, nat_rule =3D
 > 0x0,
 > =C2=A0eh =3D 0x0, src =3D 0x0, dst =3D 0x0, sport =3D 0x0, dport =3D 0x0,
 > =C2=A0pf_mtag =3D 0xfffffe00644f9358, p_len =3D 0, ip_sum =3D 0x0, proto_=
 sum =3D 0x0,
 > =C2=A0flags =3D 0, af =3D 0 '\0', proto =3D 0 '\0', tos =3D 0 '\0', dir =
 =3D 0 '\0',
 > =C2=A0sidx =3D 0 '\0', didx =3D 0 '\0'}
 > (kgdb) p pf_status
 > $4 =3D {counters =3D {9415424, 0, 0, 0, 0, 0, 0, 0, 3464, 0, 27, 0, 0, 0,=
  0},
 > =C2=A0lcounters =3D {0, 0, 0, 0, 0, 0, 0}, fcounters =3D {12630228, 74172=
 , 74158},
 > =C2=A0scounters =3D {0, 0, 0}, pcounters =3D {{{0, 0, 0}, {0, 0, 0}}, {{0=
 , 0, 0}, {0,
 > =C2=A0 =C2=A0 =C2=A0 =C2=A00, 0}}}, bcounters =3D {{0, 0}, {0, 0}}, state=
 id =3D 5747889684957176252,
 > =C2=A0running =3D 1, states =3D 14, src_nodes =3D 0, since =3D 1338284855=
 , debug =3D 1,
 > =C2=A0hostid =3D 3046117155, ifname =3D '\0' <repeats 15 times>,
 > =C2=A0pf_chksum =3D "qu=C3=8E\205<0=C2=AD=C2=A0h=C5=A1\021=C5=A7=C5=ABvi\=
 203"}
 > (kgdb) p pf_status.running
 > $5 =3D 1
 > (kgdb) up
 > #11 0xffffffff8032cc7b in pf_check_out (arg=3D)
 > =C2=A0 =C2=A0at /usr/src/sys/contrib/pf/net/pf_ioctl.c:4184
 > 4184 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0chk =3D pf_test(PF_OUT, ifp=
 , m, NULL, inp);
 > (kgdb) list
 > 4179 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
 =A0h =3D mtod(*m, struct ip *);
 > 4180 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
 =A0HTONS(h->ip_len);
 > 4181 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
 =A0HTONS(h->ip_off);
 > 4182 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0}
 > 4183 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0CURVNET_SET(ifp->if_vnet);
 > 4184 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0chk =3D pf_test(PF_OUT, ifp=
 , m, NULL, inp);
 > 4185 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0CURVNET_RESTORE();
 > 4186 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0if (chk && *m) {
 > 4187 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
 =A0m_freem(*m);
 > 4188 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
 =A0*m =3D NULL;
 > (kgdb) up
 > #12 0xffffffff8074adcf in pfil_run_hooks (ph=3D) at /usr/src/sys/net/pfil=
 .c:89
 > 89 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0rv =3D (*pfh->pfil_func)(pfh->pfil_arg, &=
 m,
 > ifp, dir,
 > (kgdb) list
 > 84 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0KASSERT(ph->ph_nhooks =
 >=3D 0, ("Pfil hook count dropped <
 > 0"));
 > 85 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0for (pfh =3D pfil_hook=
 _get(dir, ph); pfh !=3D NULL;
 > 86 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 pfh =3D=
  TAILQ_NEXT(pfh, pfil_link)) {
 > 87 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
 =C2=A0if (pfh->pfil_func !=3D NULL) {
 > 88 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0ASSERT_HOST_BYTE_ORDER(m);
 > 89 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0rv =3D (*pfh->pfil_func)(pfh->pfil_arg, &=
 m,
 > ifp, dir,
 > 90 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0inp);
 > 91 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0if (rv !=3D 0 || m =3D=3D NULL)
 > 92 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0break;
 > 93 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0ASSERT_HOST_BYTE_ORDER(m);
 > (kgdb) p *pfh
 > $6 =3D {pfil_link =3D {tqe_next =3D 0x0, tqe_prev =3D 0xfffffe0005821b00}=
 ,
 > =C2=A0pfil_func =3D 0xffffffff8032cc0a <pf_check_out>, pfil_arg =3D 0x0}
 > (kgdb) up
 > #13 0xffffffff80776b3a in ip_output (m=3D0xfffffe0064823700, opt=3D)
 > =C2=A0 =C2=A0at /usr/src/sys/netinet/ip_output.c:512
 >
 > 512 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 error =3D pfil_run_hooks(&V=
 _inet_pfil_hook, &m, ifp, PFIL_OUT,
 > inp);
 > (kgdb) list
 > 507 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
  goto passout;
 > 508 509 =C2=A0 =C2=A0 =C2=A0 =C2=A0 /* Run through list of hooks for outp=
 ut packets. */
 >
 > 510 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 odst.s_addr =3D ip->ip_dst.=
 s_addr;
 > 511 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 ASSERT_HOST_BYTE_ORDER(m);
 > 512 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 error =3D pfil_run_hooks(&V=
 _inet_pfil_hook, &m, ifp, PFIL_OUT,
 > inp);
 > 513 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 if (error !=3D 0 || m =3D=
 =3D NULL)
 > 514 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
  goto done;
 > 515 516 =C2=A0 =C2=A0 =C2=A0 =C2=A0 ip =3D mtod(m, struct ip *);
 > (kgdb) p *ip
 > $7 =3D {ip_hl =3D 5 '\005', ip_v =3D 4 '\004', ip_tos =3D 0 '\0', ip_len =
 =3D 45056,
 > =C2=A0ip_id =3D 62620, ip_off =3D 0, ip_ttl =3D 127 '\177', ip_p =3D 1 '\=
 001',
 > =C2=A0ip_sum =3D 4633, ip_src =3D {s_addr =3D 34052874}, ip_dst =3D {s_ad=
 dr =3D 28485824}}
 > (kgdb) p flags
 > $8 =3D 1
 > (kgdb) p mtu
 > $9 =3D 1500
 > (kgdb) p *ia
 > $10 =3D {ia_ifa =3D {ifa_addr =3D 0xfffffe0005a09338,
 > =C2=A0 =C2=A0ifa_dstaddr =3D 0xfffffe0005a09348, ifa_netmask =3D 0xfffffe=
 0005a09358,
 > =C2=A0 =C2=A0if_data =3D {ifi_type =3D 0 '\0', ifi_physical =3D 0 '\0', i=
 fi_addrlen =3D 0
 > '\0',
 > =C2=A0 =C2=A0 =C2=A0ifi_hdrlen =3D 0 '\0', ifi_link_state =3D 0 '\0', ifi=
 _spare_char1 =3D 0 '\0',
 > =C2=A0 =C2=A0 =C2=A0ifi_spare_char2 =3D 0 '\0', ifi_datalen =3D 0 '\0', i=
 fi_mtu =3D 0,
 > =C2=A0 =C2=A0 =C2=A0ifi_metric =3D 0, ifi_baudrate =3D 0, ifi_ipackets =
 =3D 4447700,
 > =C2=A0 =C2=A0 =C2=A0ifi_ierrors =3D 0, ifi_opackets =3D 2591860, ifi_oerr=
 ors =3D 0,
 > =C2=A0 =C2=A0 =C2=A0ifi_collisions =3D 0, ifi_ibytes =3D 608432458, ifi_o=
 bytes =3D 2801425920,
 > =C2=A0 =C2=A0 =C2=A0ifi_imcasts =3D 0, ifi_omcasts =3D 0, ifi_iqdrops =3D=
  0, ifi_noproto =3D 0,
 > =C2=A0 =C2=A0 =C2=A0ifi_hwassist =3D 0, ifi_epoch =3D 0, ifi_lastchange =
 =3D {tv_sec =3D 0,
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0tv_usec =3D 0}}, ifa_ifp =3D 0xfffffe000300180=
 0, ifa_link =3D {
 > =C2=A0 =C2=A0 =C2=A0tqe_next =3D 0xfffffe0005a94000, tqe_prev =3D 0xfffff=
 e000300a0b8},
 > =C2=A0 =C2=A0ifa_rtrequest =3D 0, ifa_flags =3D 5, ifa_refcnt =3D 6, ifa_=
 metric =3D 0,
 > =C2=A0 =C2=A0ifa_claim_addr =3D 0, ifa_mtx =3D {lock_object =3D {
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0lo_name =3D 0xffffffff80ad4634 "ifaddr", lo_fl=
 ags =3D 16973824,
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0lo_data =3D 0, lo_witness =3D 0xffffff80006c89=
 80}, mtx_lock =3D 4}},
 > =C2=A0ia_subnet =3D 2176561920, ia_subnetmask =3D 4294967040, ia_hash =3D=
  {
 > =C2=A0 =C2=A0le_next =3D 0x0, le_prev =3D 0xfffffe000587f8c8}, ia_link =
 =3D {
 > =C2=A0 =C2=A0tqe_next =3D 0xfffffe0005902c00, tqe_prev =3D 0xfffffe000590=
 2928}, ia_addr =3D
 > {
 > =C2=A0 =C2=A0sin_len =3D 16 '\020', sin_family =3D 2 '\002', sin_port =3D=
  0, sin_addr =3D {
 > =C2=A0 =C2=A0 =C2=A0s_addr =3D 1471396737}, sin_zero =3D "\000\000\000\00=
 0\000\000\000"},
 > =C2=A0ia_dstaddr =3D {sin_len =3D 16 '\020', sin_family =3D 2 '\002', sin=
 _port =3D 0,
 > =C2=A0 =C2=A0sin_addr =3D {s_addr =3D 4289969025},
 > =C2=A0 =C2=A0sin_zero =3D "\000\000\000\000\000\000\000"}, ia_sockmask =
 =3D {
 > =C2=A0 =C2=A0sin_len =3D 7 '\a', sin_family =3D 2 '\002', sin_port =3D 0,=
  sin_addr =3D {
 > =C2=A0 =C2=A0 =C2=A0s_addr =3D 16777215}, sin_zero =3D "\000\000\000\000\=
 000\000\000"}}
 > (kgdb) p *dst
 > $11 =3D {sin_len =3D 16 '\020', sin_family =3D 2 '\002', sin_port =3D 0, =
 sin_addr =3D
 > {
 > =C2=A0 =C2=A0s_addr =3D 4273191809}, sin_zero =3D "\000\000\000\000\000\0=
 00\000"}
 > (kgdb)
 >
 > #### kgdb.out_len
 >
 >
 > - -- The beginning is the most important part of the work.
 > =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
 =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0-Plato
 > -----BEGIN PGP SIGNATURE-----
 > Version: GnuPG v2.0.18 (FreeBSD)
 >
 > iD8DBQFPyHyGSPOsGF+KA+MRAmr4AJ91yi1whfweG8Dkue7zi0Lvcsdn4gCfScX0
 > L8tV5u5gLMelsZX43e6yo6M=3D
 > =3DVzIz
 > -----END PGP SIGNATURE-----
 > _______________________________________________
 > freebsd-pf@freebsd.org mailing list
 > http://lists.freebsd.org/mailman/listinfo/freebsd-pf
 > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
 >
 
 
 
 --=20
 Ermal



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201206011330.q51DU5WT070314>