kern/144269: problem with ipfw tables

Alexey Kouznetsov alexey at
Wed Feb 24 20:40:03 UTC 2010

>Number:         144269
>Category:       kern
>Synopsis:       problem with ipfw tables
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Feb 24 20:40:03 UTC 2010
>Originator:     Alexey Kouznetsov
>Release:        FreeBSD 7.x adm64
FreeBSD 7.3-PRERELEASE FreeBSD 7.3-PRERELEASE #0: Thu Feb 18 17:35:07 MSK 2010     root at
rc/sys/XXXXXX  amd64
sometimes we have "Flying Dutchman" in freebsd tables
# ipfw table 30 list | wc -l
# /sbin/ipfw table 30 list | egrep 101
# /sbin/ipfw table 30 delete
ipfw: setsockopt(IP_FW_TABLE_DEL): No such process
# /sbin/ipfw table 30 list | egrep 101
# ipfw table 30 list | wc -l

this problem returns time to time. I saw it some time since 7.0-RELEASE until latest 7 stable. (did not use i386 with 7.x and tables). Did not saw it on 6.x and older branch. We do not use 8.x
reboot :(. But after reboot, possible, we will have different ip(s) "always in table".

Also sometimes I saw 
"pipe tablearg ip from any to table(30) xmit em1 out"
and some pipes shown IPs, whis are not in table 30 at all, and never was here. (this is not output problem, speed is actually same as defined for this pipe, all counters grown and so on. "show table 30" do not show the IP, but this actually come to pipe)
I use fake pipe without speed limits, and add to such table all possible IPs, which are should not to be speed limited, with this, fake, argument. In this case this second problem gone. Also seen only on 7.x amd64 branch.

I think both problems came from same place.


More information about the freebsd-bugs mailing list