Unkillable /sbin/ipfw process

Eugene Grosbein egrosbein at rdtc.ru
Wed May 2 06:01:16 UTC 2012


Hi!

I've found easy way to make ipfw(8) to become unkillable even witk kill -9.
It is displayed as "running" and takes all CPU cycles.

Just run the following script with argument 122 for 8.3/i386
or with 121 for 8.3/amd64.

#!/bin/sh

args="add 60001 count ip from any to { "

for i in `jot $1 1`
do
args="${args}127.0.0.$i or "
done
args="${args}127.0.1.1 }";

ipfw delete 60001
echo ipfw $args
ipfw $args
#EOF

After one /sbin/ipfw is stuck in this state,
all others invocations of /sbin/ipfw (including "ipfw show")
add another stuck ipfw process.

See also http://www.freebsd.org/cgi/query-pr.cgi?pr=65961

Eugene Grosbein.


More information about the freebsd-stable mailing list