Fwd: pf problems
Max Laier
max at love2party.net
Sat Aug 6 02:11:08 GMT 2005
Sergey,
On Friday 05 August 2005 13:29, Sergey Lapin wrote:
> Hi, all:
<...>
> Test case:
> (done from Linix machine from 1.1.1.128/25)
>
> tcpreplay -e 1.1.1.133:255.255.255.255 -i eth0 packet
> (where packet is random captured UDP packet using tcpdump -peni)
>
> or
>
> tcpreplay -e 1.1.1.133:10.2.2.2 -i eth0 packet
> (where packet is random captured UDP packet)
>
> kills machine.
> Machine hangs and doesn't react on keyboard, whatever.
> Only reset helps.
> Directly blocking addresses in pf.conf help and normal connections
> with UDP disabled
> work well.
> Any ideas?
What version of FreeBSD are you running? Do you have a SMP/PREEMPTION kernel?
Does setting debug.mpsafenet=0 in loader.conf change the situation? Do you
have a chance to attach a remote debugger or can you try to break into the
debugger from the console?
--
/"\ Best regards, | mlaier at freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier at EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20050806/7a6af117/attachment.bin
More information about the freebsd-pf
mailing list