Luigi Rizzo wrote: > > > > My router that uses ipfw2 for WF2Q+ sometimes writes in log: > > > > Sep 15 10:14:38 gw2 /kernel: ipfw: pullup failed > > > > Sep 15 11:50:53 gw2 /kernel: ipfw: pullup failed > > > > > > a possibility is that it has run out of mbufs. what does netstat -m say ? > > > > 669/1920/65536 mbufs in use (current/peak/max): > > 654 mbufs allocated to data > > 15 mbufs allocated to packet headers > > 472/712/16384 mbuf clusters in use (current/peak/max) > > ok, another one is that the packet was too short for the desired > length (supposedly, as a result of a collision). > You could perhaps try the following patch and see if it tells you > something more interesting. > > static int > ipfw_chk(struct ip_fw_args *args) > { > + int desired_len = -1; > /* > * Local variables hold state during the processing of a packet. > * > * IMPORTANT NOTE: to speed up the processing of rules, there > > ... > > #define PULLUP_TO(len) \ > do { \ > if ((m)->m_len < (len)) { \ > args->m = m = m_pullup(m, (len)); \ > - if (m == 0) \ > + if (m == 0) { \ > + desired_len = (len); \ > goto pullup_failed; \ > + } \ > ip = mtod(m, struct ip *); \ > } \ > } while (0) > > ... > pullup_failed: > if (fw_verbose) > - printf("pullup failed\n"); > + printf("pullup failed have %d want %d\n", m->m_len,desired_len); > return(IP_FW_PORT_DENY_FLAG); > }
I've upgraded my router to 4.9-STABLE and applied your patch. Well, it produces something interesting. It produces kernel panic because m once became NULL in this printf :-) Eugene Grosbein _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"