FreeBSD 7.3, reboot after panic: double fault
c0re
nr1c0re at gmail.com
Thu Apr 22 08:35:12 UTC 2010
Bjoern A. Zeeb, I send you e-mail with link to download kernel and dump.
And I remade kernel panic situation on virtual machines.
You need 2 freebsd machines for gre tunnel.
First need just to make gre tunnel like:
ifconfig em0 inet 10.0.0.1 netmask 255.255.255.0
ifconfig gre0 create
ifconfig gre0 inet 192.168.0.1 192.168.0.2 tunnel 10.10.0.1 10.10.0.2
netmask 255.255.255.252 link1 up
route add 10.10.0.3/32 10.10.0.2
Also this machine will be as a client to connect to remote. So we need to
install some browser like lynx.
Second machine:
Default installation of freebsd 7.3 with "src" checked in distributions.
After install - recompile kernel for IPFIREWALL_FORWARD support (mainly):
# Local additions
options IPFIREWALL #firewall
options IPFIREWALL_VERBOSE #enable logging to syslogd(8)
options IPFIREWALL_VERBOSE_LIMIT=1000 #limit verbosity
options IPFIREWALL_FORWARD #packet destination changes
options IPDIVERT #divert sockets
options IPSTEALTH #support for stealth forwarding
options DUMMYNET
device carp
And make kernel KERNCONF=MYKERNEL
reboot and configure network and firewall:
ifconfig em0 inet 10.10.0.2 netmask 255.255.255.0
ifconfig em0 alias inet 10.0.0.3 netmask 255.255.255.255
ifconfig gre0 create
ifconfig gre0 inet 192.168.0.2 192.168.0.1 tunnel 10.0.0.2 10.0.0.1 netmask
255.255.255.252 link1 up
ipfw add 00100 fwd 192.168.0.1 icmp from 10.0.0.3 to any out via em0
ipfw add 00200 fwd 192.168.0.1 tcp from 10.0.0.3 80 to any out via em0
ipfw add 00300 fwd 192.168.0.1 tcp from 10.0.0.3 443 to any out via em0
ipfw add 00400 allow ip from any to any
At that moment you can check icmp ping from 10.0.0.1 10.0.0.3 and ipfw show
to view that ipfw fwd counters are working.
Next we need to have some tcp service. I used apache2.
So in port /usr/ports/www/apache20 make install clean.
apache20_enable="YES" in rc.conf
In /usr/local/etc/apache2/httpd.conf:
edit "Listen 80" to "Listen 10.0.0.3:80 <http://10.0.0.3/>"
and add virtual host with 10kb index.html
NameVirtualHost 10.0.0.3:80 <http://10.0.0.3/>
<Virtualhost 10.0.0.3:80 <http://10.0.0.3/>>
DocumentRoot /usr/local/www/test
</Virtualhost>
mkdir /usr/local/www/test
dd if=/dev/random of=/usr/local/www/test/index.html bc=10k count=1
/usr/local/etc/rc.d/apache2 start
At that moment everything ready to panic :)
>From first machine i'm trying lynx http://10.0.0.3/
On second machine I see kernel panic.
When I was testing - I got no panic at first time. So I generated apache ssl
certs and adited ssl.conf. But next time I made same configuration - not
only 443, but 80 port connection made kernel panic too.
More information about the freebsd-stable
mailing list