Date: Tue, 10 Nov 2015 17:33:26 -0500 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: NGie Cooper <yaneurabeya@gmail.com> Cc: Kristof Provost <kp@freebsd.org>, FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: pf NAT and VNET Jails Message-ID: <20151110223326.GB55345@mutt-hardenedbsd> In-Reply-To: <CAGHfRMBSAuz823rVC_BVsvucpaaxMocM1=-aG%2BXCTebXpJNO4g@mail.gmail.com> References: <CAExMvs=jVsASLyiqU9nTpir0Hy_s_DfChgf4XKeGWv-8yojNBw@mail.gmail.com> <13324720.omGDCH0sVj@hbsd-dev-laptop> <D8AAC66A-ED1D-4A6C-9CCF-447CA788073A@FreeBSD.org> <5815854.WJiA8b3P58@hbsd-dev-laptop> <20151110024701.GA2694@mutt-hardenedbsd> <20151110212805.GB13268@vega.codepro.be> <CAGHfRMBSAuz823rVC_BVsvucpaaxMocM1=-aG%2BXCTebXpJNO4g@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--O5XBE6gyVG5Rl6Rj Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Nov 10, 2015 at 01:45:21PM -0800, NGie Cooper wrote: > On Tue, Nov 10, 2015 at 1:28 PM, Kristof Provost <kp@freebsd.org> wrote: > > On 2015-11-09 21:47:01 (-0500), Shawn Webb <shawn.webb@hardenedbsd.org>= wrote: > >> I found the problem: it seems that the new Intel Haswell graphics > >> support (which I've been running with) is at odds somehow with pf NAT. > >> Removing Haswell graphics support means working pf NAT. > >> > > That's ... very strange. > > > > I've built the drm-i915-update-38 branch of http:////github.com/freebsd= /freebsd-base-graphics.git, > > but still haven't managed to reproduce the problem. > > It is if course entirely possible that it would only manifest if the > > haswell graphics are actually in use. In that case there's little I can > > do as I don't have haswell hardware I could test on. >=20 > 1. Add memguard(9) support to kernel. > 2. Set the descriptions for the zones (as noted in the manpage) to > catch panics when either driver tries to touch eachothers' space. > Cheers, > -NGie I think I might've been between some major pf commits or had some sort of stale file. I updated to latest HEAD with the new haswell stuff merged in and all is well. Thanks for the help in troubleshooting this. I'll keep an eye on it. Thanks, --=20 Shawn Webb HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE --O5XBE6gyVG5Rl6Rj Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWQnC1AAoJEGqEZY9SRW7u+cEP/0ClfKBrzLwKfa3XG7DLMG9+ r7HfKAhIRiFefLQxUAGCvLuDf95SakKKkUuyU8G1PBfMp5enIO9w04a3yuKRZYzD j+DwNUgE6HPA/IkhqhOxZnL3uTt5lUaHvSGj3lCmmI31i4EPCP9eaxwIoAdQC9dp 1RIZIYMRu9hheF2xzMlS6yNHnK3b/T6SnkWP3w3ximRWanTs8M8nZEug5Zmcgfij OpLyEO23ubfB6ruF5RcFnV3kS8PmuvN8jFAazSZJ4pMZUse0ot0TWJnjPxV/L5lG nlpVCY5keI4T0O518nHyBTO+3zjSFbPHDlXuqOejsBavqyhOffv04envTg3r9x36 luHdmKLMm4DTKI0D1I7fIjqfYKuqbmU5QqsvB8W46QyFfHj4zi0t79mVPnts7rw4 LZkZnRBm0SceWUQqvhXB7jNkIfJBRcgzinYSS6d9Ug3Ighncrj/I0+tFupTiqkuV ERogscvWw7T2X0rzqyW2Zd3r6wwj2i389wnkWUQajVFZGTVaKYLZg6wQ9TqevWI6 pGoYvplh4iNDqlhRYliHMoKM5+OG/dxNgFNPwLkzpcQrDG1Zh3RuT1R7Hfk4QKa+ h8+QnWaGu4ZjAm3n67gffWKVoNsk/Cfrv0k3QCWZBOT7BuBFlsh5i0du+lhOsNDm rCb2UjQMb0ThdRGAAPiH =jBfQ -----END PGP SIGNATURE----- --O5XBE6gyVG5Rl6Rj--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20151110223326.GB55345>