[Bug 216719] panic: ipfw_check_frame: unknown retval - while trying to ipfw nat incoming packet without translation state (can be L2 firewall related)
bugzilla-noreply at freebsd.org
Thu Feb 2 07:52:04 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=216719
Bug ID: 216719
Summary: panic: ipfw_check_frame: unknown retval - while trying
to ipfw nat incoming packet without translation state
(can be L2 firewall related)
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: kern
Assignee: freebsd-bugs at FreeBSD.org
Reporter: bsd at kobyla.org
Panic on processing ingress ipfw nat for any spurious packet (without matching
NAT state)
ipfw tunables:
net.link.bridge.ipfw_arp: 0
net.link.bridge.ipfw: 0
net.link.ether.ipfw: 1 -- can be the problem source (not tested yet)
net.inet.ip.fw.one_pass: 0
own prefix:
# ifconfig lo194
lo194: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet 194.246.74.1 netmask 0xffffffff
inet 194.246.74.77 netmask 0xffffffff
inet 194.246.74.201 netmask 0xffffffff
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
groups: lo
uplink-1:
rl0.3498: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
uplink-2:
rl0.2386: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
uplink-3: mpd5 pppoe (not used in testing)
ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1478
# ipfw show
06101 0 0 nat 101 log ip from table(5) to any out xmit rl0.*
06109 931 48145 deny log ip from any to 194.246.74.201 in
09900 206 12360 deny log ip from 10.0.0.0/8,192.168.0.0/16,172.16.0.0/19 to any xmit rl0.*
09910 843 172719 deny log ip from 10.0.0.0/8,192.168.0.0/16,172.16.0.0/19 to any xmit ng0
09920 0 0 deny log ip from any to 194.246.74.0/24 xmit ng0
11784 16 708 deny tcp from any to any dst-port 3306,3128,135,139,445 recv ng0
16675 3107 150704 deny log ip from any to any dst-port 111,135,139,445,958,3306,4443,3306,3128 recv rl0*
65530 10032698 2985048430 allow ip from any to any
65535 907 52740 allow ip from any to any
No panic until rule 6108 is added (ingress nat):
# ipfw add 6108 nat 101 log logamount 0 all from any to 194.246.74.201 in recv rl0.*
Panic after receiving any incoming packet to the nat address:
80.252.249.247> ping 194.246.74.201
<110>ipfw: 6109 Nat ICMP:8.0 80.252.249.247 194.246.74.201 in via rl0.3498
cel.home dumped core - see /var/crash/vmcore.343
Wed Feb 1 21:01:56 EET 2017
FreeBSD cel.home 12.0-CURRENT FreeBSD 12.0-CURRENT #29 r312942: Sun Jan 29 22:29:43 EET 2017 root at cel.home:/usr/obj/usr/src/sys/PDC10 amd64
panic: ipfw_check_frame: unknown retval
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...
Unread portion of the kernel message buffer:
<110>ipfw: 6109 Nat ICMP:8.0 80.252.249.247 194.246.74.201 in via rl0.3498
panic: ipfw_check_frame: unknown retval
cpuid = 1
KDB: stack backtrace:
db_trace_self_wrapper() at 0xffffffff8032264b = db_trace_self_wrapper+0x2b/frame 0xfffffe00003f9530
vpanic() at 0xffffffff80547196 = vpanic+0x186/frame 0xfffffe00003f95b0
kassert_panic() at 0xffffffff80547006 = kassert_panic+0x126/frame 0xfffffe00003f9620
ipfw_check_frame() at 0xffffffff80782446 = ipfw_check_frame+0x286/frame 0xfffffe00003f9770
pfil_run_hooks() at 0xffffffff8064c7ac = pfil_run_hooks+0x9c/frame 0xfffffe00003f9800
ether_demux() at 0xffffffff806367c8 = ether_demux+0x48/frame 0xfffffe00003f9830
ether_nh_input() at 0xffffffff806376d9 = ether_nh_input+0x319/frame 0xfffffe00003f9870
netisr_dispatch_src() at 0xffffffff8064b6a0 = netisr_dispatch_src+0x80/frame 0xfffffe00003f98d0
ether_input() at 0xffffffff80636c32 = ether_input+0x62/frame 0xfffffe00003f9900
vlan_input() at 0xffffffff8063da1c = vlan_input+0x1dc/frame 0xfffffe00003f9980
ether_demux() at 0xffffffff80636828 = ether_demux+0xa8/frame 0xfffffe00003f99b0
ether_nh_input() at 0xffffffff806376d9 = ether_nh_input+0x319/frame 0xfffffe00003f99f0
netisr_dispatch_src() at 0xffffffff8064b6a0 = netisr_dispatch_src+0x80/frame 0xfffffe00003f9a50
ether_input() at 0xffffffff80636c32 = ether_input+0x62/frame 0xfffffe00003f9a80
rl_rxeof() at 0xffffffff8040086f = rl_rxeof+0x25f/frame 0xfffffe00003f9ae0
rl_intr() at 0xffffffff803ff68e = rl_intr+0xee/frame 0xfffffe00003f9b20
intr_event_execute_handlers() at 0xffffffff8050e5f6 = intr_event_execute_handlers+0x96/frame 0xfffffe00003f9b60
ithread_loop() at 0xffffffff8050ec66 = ithread_loop+0xa6/frame 0xfffffe00003f9bb0
fork_exit() at 0xffffffff8050bf24 = fork_exit+0x84/frame 0xfffffe00003f9bf0
fork_trampoline() at 0xffffffff8084f94e = fork_trampoline+0xe/frame 0xfffffe00003f9bf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
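Added example (not part of the original report and not FreeBSD code): a small Python parser for the KDB backtrace format shown in the report. It tells which ipfw pfil hook was on the stack and what invoked the hook chain, which is one way to check the report's "can be L2 firewall related" guess against the dump. The name ipfw_check_packet and the layer2/layer3 labels are not from the report; they are this example's assumptions about ipfw's two pfil hooks.

```python
import re

# Excerpt of the report's backtrace; some frames wrap onto a second line.
BACKTRACE = """\
vpanic() at 0xffffffff80547196 = vpanic+0x186/frame 0xfffffe00003f95b0
kassert_panic() at 0xffffffff80547006 = kassert_panic+0x126/frame
0xfffffe00003f9620
ipfw_check_frame() at 0xffffffff80782446 = ipfw_check_frame+0x286/frame
0xfffffe00003f9770
pfil_run_hooks() at 0xffffffff8064c7ac = pfil_run_hooks+0x9c/frame
0xfffffe00003f9800
ether_demux() at 0xffffffff806367c8 = ether_demux+0x48/frame
0xfffffe00003f9830
"""

# One frame: "func() at 0xADDR = func+0xOFF/frame 0xFP"
FRAME_RE = re.compile(
    r"(\w+)\(\) at 0x[0-9a-f]+ = \1\+0x([0-9a-f]+)/frame 0x[0-9a-f]+")

# ipfw's pfil hook functions and the layer each one filters at.
# Assumption of this example: only ipfw_check_frame appears in the report.
IPFW_HOOKS = {"ipfw_check_frame": "layer2", "ipfw_check_packet": "layer3"}

def parse_backtrace(text):
    """Return [(function, offset), ...], innermost frame first."""
    flat = " ".join(text.split())  # undo line wrapping before matching
    return [(m.group(1), int(m.group(2), 16)) for m in FRAME_RE.finditer(flat)]

def ipfw_entry(frames):
    """Return (layer, hook, caller of pfil_run_hooks) for the first ipfw hook, or None."""
    names = [name for name, _ in frames]
    for i, name in enumerate(names):
        if name in IPFW_HOOKS:
            above = names[i + 1:i + 3]  # expected: pfil_run_hooks, then its caller
            ok = len(above) == 2 and above[0] == "pfil_run_hooks"
            return IPFW_HOOKS[name], name, above[1] if ok else None
    return None

if __name__ == "__main__":
    frames = parse_backtrace(BACKTRACE)
    print(" <- ".join(name for name, _ in frames))
    print(ipfw_entry(frames))
```

Run over the full backtrace in the report, the result is the same: the panic is reached from ether_demux through ipfw_check_frame.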