Panic in packet filter

Ali Mdidech ali at moua7.com
Thu Feb 23 09:07:41 UTC 2012


Hi List,

I have a box that has been panicking at random, multiple times, for a year now,
regardless of the release (8 or 9).
The crash dump shows that the problem is related to pf.
Is this a known bug?
Below some info and my pf.conf file.

Thank you very much for your help.

panic: page fault

GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0x6c
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc0a25dc0
stack pointer           = 0x28:0xc4df5910
frame pointer           = 0x28:0xc4df5954
code segment            = base 0x0, limit 0xfffff, type 0x1b
                       = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 12 (irq256: em0:rx 0)
trap number             = 12
panic: page fault
cpuid = 0
KDB: stack backtrace:
#0 0xc08380b7 at kdb_backtrace+0x47
#1 0xc0805617 at panic+0x117
#2 0xc0aebcc3 at trap_fatal+0x323
#3 0xc0aec802 at trap+0x182
#4 0xc0ad5f8c at calltrap+0x6
#5 0xc589f7cc at pfr_update_stats+0x1cc
#6 0xc588de21 at pf_test+0x981
#7 0xc5895e79 at pf_check_in+0x39
#8 0xc08c3c68 at pfil_run_hooks+0x78
#9 0xc08e18ae at ip_input+0x24e
#10 0xc08c2d9f at netisr_dispatch_src+0x8f
#11 0xc08c3040 at netisr_dispatch+0x20
#12 0xc08b9721 at ether_demux+0x171
#13 0xc08b9b6f at ether_nh_input+0x37f
#14 0xc08c2d9f at netisr_dispatch_src+0x8f
#15 0xc08c3040 at netisr_dispatch+0x20
#16 0xc08b9269 at ether_input+0x19
#17 0xc05b383f at em_rxeof+0x30f
Uptime: 1h45m44s
Physical memory: 2002 MB
Dumping 185 MB: 170 154 138 122 106 90 74 58 42 26 10

Reading symbols from /boot/kernel/pf.ko...Reading symbols from
/boot/kernel/pf.ko.symbols...
done.
done.
Loaded symbols for /boot/kernel/pf.ko
#0  doadump (textdump=1) at pcpu.h:244
244     pcpu.h: No such file or directory.
       in pcpu.h
(kgdb) #0  doadump (textdump=1) at pcpu.h:244
#1  0xc08053ba in kern_reboot (howto=260)
   at /usr/src/sys/kern/kern_shutdown.c:442
#2  0xc0805651 in panic (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/kern_shutdown.c:607
#3  0xc0aebcc3 in trap_fatal (frame=0xc4df58d0, eva=108)
   at /usr/src/sys/i386/i386/trap.c:975
#4  0xc0aec802 in trap (frame=0xc4df58d0) at /usr/src/sys/i386/i386/trap.c:352
#5  0xc0ad5f8c in calltrap () at /usr/src/sys/i386/i386/exception.s:168
#6  0xc0a25dc0 in uma_zalloc_arg (zone=0x0, udata=0x0, flags=257)
   at pcpu.h:244
#7  0xc589f7cc in pfr_update_stats (kt=0xc58d44d8, a=0xc56aa01a, af=2 '\002',
   len=52, dir_out=0, op_pass=0, notrule=0) at uma.h:305
#8  0xc588de21 in pf_test (dir=1, ifp=0xc5253c00, m0=0xc4df5acc, eh=0x0,
   inp=0x0) at /usr/src/sys/modules/pf/../../contrib/pf/net/pf.c:7057
#9  0xc5895e79 in pf_check_in (arg=0x0, m=0xc4df5acc, ifp=0xc5253c00, dir=1,
   inp=0x0) at /usr/src/sys/modules/pf/../../contrib/pf/net/pf_ioctl.c:4139
#10 0xc08c3c68 in pfil_run_hooks (ph=0xc0d685e0, mp=0xc4df5b24,
   ifp=0xc5253c00, dir=1, inp=0x0) at /usr/src/sys/net/pfil.c:82
#11 0xc08e18ae in ip_input (m=0xc567db00)
   at /usr/src/sys/netinet/ip_input.c:510
#12 0xc08c2d9f in netisr_dispatch_src (proto=1, source=0, m=0xc567db00)
   at /usr/src/sys/net/netisr.c:1013
#13 0xc08c3040 in netisr_dispatch (proto=1, m=0xc567db00)
   at /usr/src/sys/net/netisr.c:1104
#14 0xc08b9721 in ether_demux (ifp=0xc5253c00, m=0xc567db00)
   at /usr/src/sys/net/if_ethersubr.c:937
#15 0xc08b9b6f in ether_nh_input (m=0xc567db00)
   at /usr/src/sys/net/if_ethersubr.c:756
#16 0xc08c2d9f in netisr_dispatch_src (proto=9, source=0, m=0xc567db00)
   at /usr/src/sys/net/netisr.c:1013
#17 0xc08c3040 in netisr_dispatch (proto=9, m=0xc567db00)
   at /usr/src/sys/net/netisr.c:1104
#18 0xc08b9269 in ether_input (ifp=0xc5253c00, m=0xc567db00)
   at /usr/src/sys/net/if_ethersubr.c:797
#19 0xc05b383f in em_rxeof (rxr=0xc520bc00, count=99, done=0x0)
   at /usr/src/sys/dev/e1000/if_em.c:4340
#20 0xc05b3a06 in em_msix_rx (arg=0xc520bc00)
   at /usr/src/sys/dev/e1000/if_em.c:1577
#21 0xc07da6eb in intr_event_execute_handlers (p=0xc5157588, ie=0xc5241680)
   at /usr/src/sys/kern/kern_intr.c:1257
#22 0xc07dbeaa in ithread_loop (arg=0xc52506e0)
   at /usr/src/sys/kern/kern_intr.c:1270
#23 0xc07d78f7 in fork_exit (callout=0xc07dbe30 <ithread_loop>,
   arg=0xc52506e0, frame=0xc4df5d28) at /usr/src/sys/kern/kern_fork.c:995
#24 0xc0ad6004 in fork_trampoline () at /usr/src/sys/i386/i386/exception.s:275
(kgdb)


################## pf.conf ##################
# Interface that every interface-bound rule below refers to. The panic in
# this report was taken in the receive interrupt thread of this interface
# (current process "irq256: em0:rx 0").
ext_if = "em0"

# Ports reachable from any source address. Each entry is exposed attack
# surface, so confirm that every one is still needed.
# NOTE(review): 50021:50121 is presumably an FTP passive-mode data range that
# goes with port 21 -- confirm against the FTP server configuration.
public_tcp_ports = "{21,25,53,80,143,443,873,993,50021:50121}"
public_udp_ports = "53"

# Trusted sources; "someip" is a placeholder left by the poster.
table <secure> {someip}
# Filled at run time by the "overload" option on the ssh rule below.
# "persist" keeps the table when no rule references it; "counters" enables
# per-address statistics.
# NOTE(review): this is the only table declared with "counters". The backtrace
# in this report faults in uma_zalloc_arg(zone=0x0) called from
# pfr_update_stats, with fault address 0x6c, which is consistent with a NULL
# zone pointer being dereferenced at a small offset. Loading the ruleset
# without "counters" is a low-risk way to test whether the option is
# involved -- unconfirmed.
table <ssh_brute> persist counters

### Redirection for SMTP
# TCP connections to port 225 on the interface address are redirected to
# port 25.
# NOTE(review): with this rdr syntax pf is expected to translate before
# filtering, so the redirected connection would be admitted by the port 25
# entry in public_tcp_ports -- verify.
rdr on $ext_if proto tcp from any to $ext_if port 225 -> $ext_if port 25

### Block everything in and pass everything out
# Default policy: outbound traffic is allowed statefully, inbound traffic is
# denied unless a later rule passes it. Neither rule is "quick", so later
# matching rules override them.
pass out on $ext_if all modulate state
block in on $ext_if all

### secure users
# Sources in <secure> may open TCP connections to any address and port.
# The rule is "quick" and precedes both the <ssh_brute> block and the
# rate-limited ssh rule, so these sources are exempt from both. Keep the
# table limited to addresses that are actually under the operator's control.
pass in quick on $ext_if proto tcp from <secure> to any flags S/SA \
modulate state

### public tcp/udp ports rules
# No "quick" here: these rules win over "block in" above only because pf
# applies the last matching rule.
pass in on $ext_if proto udp to $ext_if port $public_udp_ports
pass in on $ext_if proto tcp to $ext_if port $public_tcp_ports flags S/SA \
modulate state

### block ssh bruteforce
# The block rule names no interface, so it applies to <ssh_brute> sources on
# every interface and for every protocol, not only ssh.
# A source that exceeds 5 concurrent connections or 10 new connections per
# 60 seconds on port 22 is added to <ssh_brute>, and "flush global" drops all
# of its existing states.
# Nothing in this file removes entries from <ssh_brute>; they stay until they
# are expired externally (for example with pfctl -t ssh_brute -T expire).
# NOTE(review): the pass rule below is split after "flags S/SA" with no
# trailing backslash, which looks like mail-client line wrapping. In the real
# pf.conf, "modulate state" must be on the same logical line as the pass rule.
block in quick from <ssh_brute>
pass in quick on $ext_if proto tcp to $ext_if port 22 flags S/SA
modulate state \
(max-src-conn 5, max-src-conn-rate 10/60, overload <ssh_brute> flush global)

### block icmp timestamp request/response
# ICMP types 13 and 14 (timestamp request and reply) are dropped; every other
# inbound ICMP type is passed.
# NOTE(review): consider passing only the ICMP types the host needs instead
# of "all".
block in quick on $ext_if inet proto icmp all icmp-type {13, 14}
pass in quick on $ext_if proto icmp all

############ end pf.conf ##############

--
Ali Mdidech

