Relayd crashing Kernel on 10.1
Kolontai Andrej
Andrej.Kolontai at Verwaltung.Uni-Muenchen.DE
Wed Nov 26 08:44:35 UTC 2014
Hello @all,
I'm new to this list and hope this is the right place to ask.
We are using FreeBSD for our Firewalls and are actually happy with it. Since recently we use relayd (installed via pkg) to do some load balancing stuff. On a freshly installed machine running 10.0-RELEASE everything worked fine.
On monday, I tried to upgrade to 10.1-RELEASE using freebsd-update as described in the handbook chapter 24. At first everything looked good but relayd wouldn't come up:
"Nov 24 10:50:48 flutters relayd[3300]: fatal: cannot add rule: Operation not supported by device
Nov 24 10:50:48 flutters relayd[3293]: lost child: pfe exited abnormally"
When I tried to start it with /usr/local/etc/rc.d/relayd start the kernel panicked. I had to roll back the update (which worked fine). However, I was able to reproduce this behavior on a virtual machine.
My guess is it happens here:
#7 0xffffffff81a37954 in pfr_detach_table (kt=0x0)
at /usr/src_10.1.0/sys/modules/pf/../../netpfil/pf/pf_table.c:2047
The corresponding code is:
void
pfr_detach_table(struct pfr_ktable *kt)
{
PF_RULES_WASSERT();
KASSERT(kt->pfrkt_refcnt[PFR_REFCNT_RULE] > 0, ("%s: refcount %d\n",
__func__, kt->pfrkt_refcnt[PFR_REFCNT_RULE]));
if (!--kt->pfrkt_refcnt[PFR_REFCNT_RULE])
pfr_setflags_ktable(kt, kt->pfrkt_flags&~PFR_TFLAG_REFERENCED);
}
>From what I know about C programming: kt is not supposed to be 0x0.
My guess was that some data structure has changed between 10.0 and 10.1 kernels. So a recompile of relayd should fix that. It did. I compiled it from the ports and it worked.
Now my question ist: did I do something wrong? Maybe compiling is the preferred method over using binaries? I'm still trying to figure out what the "stay-out-of-trouble"-mode on FreeBSD is (like yum -y update). But I'd rather use the binaries.
Viele Grüße
Andrej Kolontai
Ludwig-Maximilians-Universitaet Muenchen
Ref. VI.4 (IT-Sicherheit & Verzeichnisdienste)
Martiusstrasse 4 / 207
80802 Muenchen
phone +49 (0)89 2180-3815
email mailto:andrej.kolontai at verwaltung.uni-muenchen.de
web http://www.uni-muenchen.de/zuv/it/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: core.txt.0
Type: application/octet-stream
Size: 96477 bytes
Desc: core.txt.0
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20141126/9b3f7603/attachment.obj>
More information about the freebsd-questions
mailing list