On 08/02/15 13:37, Mike Belopuhov wrote:
> On 2 August 2015 at 15:28, RD Thrush <[email protected]> wrote:
>> On 08/01/15 19:31, Jonathan Gray wrote:
>>> On Sat, Aug 01, 2015 at 08:46:00PM +0200, Mike Belopuhov wrote:
>>>> [... snip ...]
>>>> You're slightly overanalyzing here: panic has caught the unhandled
>>>> case, but it's not needed per se.
>>>>
>>>
>>> The code directly after the panic assumes rpool is set.
>>> Something is clearly wrong in the pf code if this triggers.
>>>
>>> Without a pf.conf it is hard to guess as to why this triggers...
>>
>> I've attached a partially sanitized concatenation of pf rules, ifconfig,
>> netstat -nr, cat /etc/hostname.$if. Please let me know what more info would
>> be helpful.
>>
>> FWIW, this firewall has been operating successfully with snaps for many
>> years. The pf configuration is not tuned as it is somewhat a testbed with
>> an accumulation of various failed/successful experiments. Also, the urtwn
>> interface has been removed for at least the past month so treat the
>> associated rules accordingly.
>>
>
> most likely it's triggered by the reply-to statement. you may try the
> attached
> diff to see which rule the state belongs to. since you're using
> anchors, figuring
> out rule numbers will not be easy but you may try to see if one of those give
> you something reasonable:
>
> pfctl -a '*' -vvsr
> pfctl -a 'ext1' -vvsr
> pfctl -a 'ext2' -vvsr
Thanks, "panic: no appropriate pool for 23/23" is the new result. Since the
main pf has less than 23 rules and only one of the anchors has an active
interface, I assume it's rule 23 from the ext1 anchor. I've attached the pfctl
results from above as well as a short gdb session w/ the crash dump.
panic: no appropriate pool for 23/23
Stopped at Debugger+0x7: leave
RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC!
DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION!
ddb> trace
Debugger(d09d272c,f5233e18,d09a5231,f5233e18,0) at Debugger+0x7
panic(d09a5231,17,17,d03b7608,d179ec30) at panic+0x71
pf_postprocess_addr(d5daf1c4,d09a3978,751611d9,d608fba0,f5233f40) at
pf_postprocess_addr+0x2db
pf_unlink_state(d5daf1c4,8,0,0,0) at pf_unlink_state+0x2f
pf_purge_expired_states(8,20,d09a3b9f,64,d608fba0) at
pf_purge_expired_states+0x8e
pf_purge_thread(d608fba0) at pf_purge_thread+0x66
ddb> ps
PID PPID PGRP UID S FLAGS WAIT COMMAND
28959 29744 29744 0 3 0x82 nanosleep newsyslog
29744 15742 29744 0 3 0x8a pause sh
15742 29063 29063 0 3 0x80 piperd cron
30635 3057 18902 1000 3 0x82 nanosleep sleep
10521 3942 10521 1000 3 0x83 ttyin bash
3942 13206 13206 1000 3 0x90 select sshd
13206 10345 13206 0 3 0x92 poll sshd
24303 1 24303 0 3 0x83 ttyin getty
3057 18902 18902 1000 3 0x8a pause sh
18902 17843 18902 1000 3 0x8a pause sh
17843 29063 29063 0 3 0x80 piperd cron
29063 1 29063 0 3 0x80 poll cron
14529 1 18325 750 3 0x81 nanosleep perl
31306 19765 19765 606 3 0x90 kqread ladvd
19765 1 19765 0 3 0x80 kqread ladvd
628 1 628 99 3 0x90 poll sndiod
5370 1 5370 79 3 0x90 kqread tftpd
26243 17852 17852 67 3 0x90 kqread httpd
5443 17852 17852 67 3 0x90 kqread httpd
23826 28804 23826 67 3 0x90 kqread httpd
17852 28804 17852 67 3 0x90 kqread httpd
28804 1 28804 0 3 0x80 kqread httpd
28240 26040 26040 95 3 0x90 kqread smtpd
28040 26040 26040 95 3 0x90 kqread smtpd
17835 26040 26040 95 3 0x90 kqread smtpd
13222 26040 26040 95 3 0x90 kqread smtpd
21891 26040 26040 95 3 0x90 kqread smtpd
31023 26040 26040 103 3 0x90 kqread smtpd
26040 1 26040 0 3 0x80 kqread smtpd
7321 1 7321 77 3 0x90 poll dhcpd
10345 1 10345 0 3 0x80 select sshd
1103 0 0 0 3 0x14280 nfsidl nfsio
11485 0 0 0 3 0x14280 nfsidl nfsio
32022 0 0 0 3 0x14280 nfsidl nfsio
609 0 0 0 3 0x14280 nfsidl nfsio
20992 1 20992 0 3 0x80 poll ntpd
16027 17436 16027 83 3 0x90 poll ntpd
17436 1 17436 83 3 0x90 poll ntpd
15716 1 15716 53 3 0x90 kqread unbound
26708 10651 9354 97 3 0x90 kqread nsd
10651 9354 9354 97 3 0x90 select nsd
9354 1 9354 97 3 0x90 kqread nsd
17042 21725 21725 74 3 0x90 bpf pflogd
21725 1 21725 0 3 0x80 netio pflogd
21402 15626 15626 73 3 0x90 kqread syslogd
15626 1 15626 0 3 0x80 netio syslogd
22942 1 22942 577 3 0x90 poll openvpn
14257 0 0 0 3 0x14200 pgzero zerothread
18078 0 0 0 3 0x14200 aiodoned aiodoned
23489 0 0 0 3 0x14200 syncer update
5067 0 0 0 3 0x14200 cleaner cleaner
26636 0 0 0 3 0x14200 reaper reaper
8826 0 0 0 3 0x14200 pgdaemon pagedaemon
23805 0 0 0 3 0x14200 bored crypto
* 705 0 0 0 7 0x14200 pfpurge
21236 0 0 0 3 0x14200 usbtsk usbtask
28615 0 0 0 3 0x14200 usbatsk usbatsk
2343 0 0 0 3 0x14200 bored softnet
20428 0 0 0 3 0x14200 bored systqmp
16301 0 0 0 3 0x14200 bored systq
26974 0 0 0 3 0x40014200 idle0
798 0 0 0 3 0x14200 kmalloc kmthread
1 0 1 0 3 0x82 wait init
0 -1 0 0 3 0x10200 scheduler swapper
ddb> show registers
ds 0x10
es 0x10
fs 0x20
gs 0
edi 0x100
esi 0xd09a5231 fusefs_vfsops+0x1eb1
ebp 0xf5233dcc
ebx 0xf5233e18
edx 0x1
ecx 0xd0b25240 kprintf_mutex
eax 0x1
eip 0xd0553c57 Debugger+0x7
cs 0x8
eflags 0x282
esp 0xf5233dbc
ss 0x10
Debugger+0x7: leave
ddb> boot crash
@0 pass all flags S/SA
[ Evaluations: 120867 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@1 match out on egress all set ( prio(5, 6) )
[ Evaluations: 120867 Packets: 2213441 Bytes: 1025018633 States: 11 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@2 match all scrub (no-df)
[ Evaluations: 120867 Packets: 4986760 Bytes: 2222850423 States: 56 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@3 match out on pppoe all scrub (max-mss 1440)
[ Evaluations: 120867 Packets: 2213441 Bytes: 1025018633 States: 11 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@4 block drop all label "block_all"
[ Evaluations: 120867 Packets: 1754 Bytes: 130559 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@5 block drop in on ! int inet from 10.1.2.0/24 to any
[ Evaluations: 120867 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@6 block drop in inet from 10.1.2.1 to any
[ Evaluations: 94715 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@7 block drop in on ! dsl inet from 192.168.7.0/24 to any
[ Evaluations: 93838 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@8 block drop in inet from 192.168.7.2 to any
[ Evaluations: 93838 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@9 block drop in quick on int from any to <bogus:2> label "bogus_in"
[ Evaluations: 93838 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@10 anchor "ext1" on pppoe0 all {
[ Evaluations: 120867 Packets: 28211 Bytes: 2460602 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 246 ]
@0 block drop in on ! pppoe0 from (pppoe0:network:1) to any
[ Evaluations: 27251 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@1 block drop in from (pppoe0:1) to any
[ Evaluations: 27251 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@2 block drop in log quick on pppoe0 proto tcp from <sshguard:0> to any port =
22 label "ssh bruteforce_pppoe0"
[ Evaluations: 1099 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@3 block drop in log quick on pppoe0 from <bogon:13> to any label
"bogon_in_pppoe0"
[ Evaluations: 1099 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@4 block drop out log on pppoe0 from any to <bogon:13> label "bogon_out_pppoe0"
[ Evaluations: 27251 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@5 pass out log on pppoe0 all flags S/SA label "out_pppoe0"
[ Evaluations: 26152 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@6 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 80 rdr-to
10.1.2.30
[ Evaluations: 27251 Packets: 306 Bytes: 17612 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@7 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 6081 rdr-to
10.1.2.30
[ Evaluations: 685 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@8 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 8080 rdr-to
10.1.2.30
[ Evaluations: 539 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@9 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 9418 rdr-to
10.1.2.18 port 9418
[ Evaluations: 539 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@10 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 119 rdr-to
10.1.2.10 port 119
[ Evaluations: 522 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@11 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65429
rdr-to 10.1.2.18 port 22
[ Evaluations: 522 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@12 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65428
rdr-to 10.1.2.30 port 22
[ Evaluations: 522 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@13 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65427
rdr-to 10.1.2.31 port 22
[ Evaluations: 522 Packets: 26838 Bytes: 2249564 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@14 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65426
rdr-to 10.1.2.33 port 22
[ Evaluations: 522 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@15 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65425
rdr-to 10.1.2.11 port 22
[ Evaluations: 520 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@16 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65424
rdr-to 10.1.2.12 port 22
[ Evaluations: 520 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@17 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65423
rdr-to 10.1.2.15 port 22
[ Evaluations: 520 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@18 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65420
rdr-to 10.1.2.143 port 22
[ Evaluations: 520 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@19 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65419
rdr-to 10.1.2.144 port 22
[ Evaluations: 520 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@20 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 46889 set (
prio 2 ) rdr-to 10.1.2.17 port 46889
[ Evaluations: 520 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@21 match in on pppoe0 inet proto udp from any to (pppoe0:1) port = 46889 set (
prio 2 ) rdr-to 10.1.2.17 port 46889
[ Evaluations: 414 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@22 match out on pppoe0 inet from <int_net:5> to any nat-to (pppoe0:0:1)
[ Evaluations: 27251 Packets: 2109397 Bytes: 1003141051 States: 10 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@23 pass in quick on pppoe0 inet proto tcp from any to any port = 22 flags S/SA
synproxy state reply-to pppoe0
[ Evaluations: 25630 Packets: 27856 Bytes: 2431526 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 98 ]
@24 pass in quick on pppoe0 inet proto tcp from any to any port = 52122 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 587 Packets: 49 Bytes: 11464 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 2 ]
@25 pass in quick on pppoe0 inet proto tcp from any to any port = 65432 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@26 pass in quick on pppoe0 inet proto tcp from any to any port = 65431 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@27 pass in quick on pppoe0 inet proto tcp from any to any port = 65430 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@28 pass in quick on pppoe0 inet proto tcp from any to any port = 65429 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@29 pass in quick on pppoe0 inet proto tcp from any to any port = 65428 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@30 pass in quick on pppoe0 inet proto tcp from any to any port = 65427 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@31 pass in quick on pppoe0 inet proto tcp from any to any port = 65426 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@32 pass in quick on pppoe0 inet proto tcp from any to any port = 65425 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@33 pass in quick on pppoe0 inet proto tcp from any to any port = 65424 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@34 pass in quick on pppoe0 inet proto tcp from any to any port = 65423 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@35 pass in quick on pppoe0 inet proto tcp from any to any port = 65420 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@36 pass in quick on pppoe0 inet proto tcp from any to any port = 65419 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@37 pass in on pppoe0 inet proto tcp from any to any port = 119 flags S/SA
reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@38 pass in on pppoe0 inet proto tcp from any to any port = 80 flags S/SA
reply-to pppoe0
[ Evaluations: 585 Packets: 306 Bytes: 17612 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 146 ]
@39 pass in on pppoe0 inet proto udp from any to any port = 1194 reply-to pppoe0
[ Evaluations: 999 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@40 pass in on pppoe0 inet proto tcp from any to any port = 46889 flags S/SA
set ( prio 2 ) reply-to pppoe0
[ Evaluations: 999 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@41 pass in on pppoe0 inet proto udp from any to any port = 46889 set ( prio 2
) reply-to pppoe0
[ Evaluations: 496 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
}
@11 anchor "ext2" on urtwn0 all {
[ Evaluations: 119146 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@0 block drop in on ! urtwn0 from (urtwn0:network:*) to any
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@1 block drop in from (urtwn0:*) to any
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@2 block drop in log quick on urtwn0 proto tcp from <sshguard:0> to any port =
22 label "ssh bruteforce_urtwn0"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@3 block drop in log quick on urtwn0 from <bogon:13> to any label
"bogon_in_urtwn0"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@4 block drop out log on urtwn0 from any to <bogon:13> label "bogon_out_urtwn0"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@5 pass out log on urtwn0 all flags S/SA label "out_urtwn0"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@6 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 80 rdr-to
10.1.2.18
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@7 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 6081 rdr-to
10.1.2.18
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@8 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 8080 rdr-to
10.1.2.18
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@9 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 9418 rdr-to
10.1.2.18 port 9418
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@10 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 119 rdr-to
10.1.2.10 port 119
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@11 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65429
rdr-to 10.1.2.18 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@12 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65428
rdr-to 10.1.2.30 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@13 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65427
rdr-to 10.1.2.31 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@14 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65426
rdr-to 10.1.2.33 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@15 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65425
rdr-to 10.1.2.11 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@16 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65424
rdr-to 10.1.2.12 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@17 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65423
rdr-to 10.1.2.15 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@18 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65420
rdr-to 10.1.2.143 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@19 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65419
rdr-to 10.1.2.144 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@20 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 46889
rdr-to 10.1.2.17 port 46889
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@21 match in on urtwn0 inet proto udp from any to (urtwn0:*) port = 46889
rdr-to 10.1.2.17 port 46889
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@22 match out on urtwn0 inet from ! (urtwn0:*) to any nat-to (urtwn0:0:*)
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@23 pass in quick on urtwn0 inet proto tcp from any to any port = 22 flags S/SA
synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@24 pass in quick on urtwn0 inet proto tcp from any to any port = 52122 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@25 pass in quick on urtwn0 inet proto tcp from any to any port = 65432 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@26 pass in quick on urtwn0 inet proto tcp from any to any port = 65431 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@27 pass in quick on urtwn0 inet proto tcp from any to any port = 65430 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@28 pass in quick on urtwn0 inet proto tcp from any to any port = 65429 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@29 pass in quick on urtwn0 inet proto tcp from any to any port = 65428 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@30 pass in quick on urtwn0 inet proto tcp from any to any port = 65427 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@31 pass in quick on urtwn0 inet proto tcp from any to any port = 65426 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@32 pass in quick on urtwn0 inet proto tcp from any to any port = 65425 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@33 pass in quick on urtwn0 inet proto tcp from any to any port = 65424 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@34 pass in quick on urtwn0 inet proto tcp from any to any port = 65423 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@35 pass in quick on urtwn0 inet proto tcp from any to any port = 65420 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@36 pass in quick on urtwn0 inet proto tcp from any to any port = 65419 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@37 pass in on urtwn0 inet proto tcp from any to any port = 119 flags S/SA
reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@38 pass in on urtwn0 inet proto tcp from any to any port = 80 flags S/SA
reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@39 pass in on urtwn0 inet proto udp from any to any port = 1194 reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
}
@12 pass out quick all flags S/SA
[ Evaluations: 119146 Packets: 2377186 Bytes: 1130924666 States: 12 ]
[ Inserted: uid 0 pid 20191 State Creations: 25370 ]
@13 pass in inet proto icmp all icmp-type echoreq
[ Evaluations: 93774 Packets: 18 Bytes: 592 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 9 ]
@14 pass in inet proto icmp all icmp-type unreach
[ Evaluations: 93 Packets: 73 Bytes: 6212 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@15 pass in quick on dsl inet from 192.168.7.0/24 to any flags S/SA
[ Evaluations: 93738 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@16 pass on lo0 inet6 from fe80::1 to any flags S/SA
[ Evaluations: 93774 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@17 pass inet6 from ::1 to any flags S/SA
[ Evaluations: 93774 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@18 pass inet from 127.0.0.1 to any flags S/SA
[ Evaluations: 93774 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@19 pass inet from 10.1.2.0/24 to any flags S/SA
[ Evaluations: 93774 Packets: 2581347 Bytes: 1089464763 States: 44 ]
[ Inserted: uid 0 pid 20191 State Creations: 90207 ]
@20 pass quick on tun0 inet all flags S/SA
[ Evaluations: 93774 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@21 pass out on vr3 inet proto tcp from any to 192.168.7.1 port = 80 flags S/SA
[ Evaluations: 93774 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@0 block drop in on ! pppoe0 from (pppoe0:network:1) to any
[ Evaluations: 27255 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@1 block drop in from (pppoe0:1) to any
[ Evaluations: 27255 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@2 block drop in log quick on pppoe0 proto tcp from <sshguard:0> to any port =
22 label "ssh bruteforce_pppoe0"
[ Evaluations: 1099 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@3 block drop in log quick on pppoe0 from <bogon:13> to any label
"bogon_in_pppoe0"
[ Evaluations: 1099 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@4 block drop out log on pppoe0 from any to <bogon:13> label "bogon_out_pppoe0"
[ Evaluations: 27255 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@5 pass out log on pppoe0 all flags S/SA label "out_pppoe0"
[ Evaluations: 26156 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@6 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 80 rdr-to
10.1.2.30
[ Evaluations: 27255 Packets: 306 Bytes: 17612 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@7 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 6081 rdr-to
10.1.2.30
[ Evaluations: 685 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@8 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 8080 rdr-to
10.1.2.30
[ Evaluations: 539 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@9 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 9418 rdr-to
10.1.2.18 port 9418
[ Evaluations: 539 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@10 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 119 rdr-to
10.1.2.10 port 119
[ Evaluations: 522 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@11 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65429
rdr-to 10.1.2.18 port 22
[ Evaluations: 522 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@12 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65428
rdr-to 10.1.2.30 port 22
[ Evaluations: 522 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@13 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65427
rdr-to 10.1.2.31 port 22
[ Evaluations: 522 Packets: 26838 Bytes: 2249564 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@14 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65426
rdr-to 10.1.2.33 port 22
[ Evaluations: 522 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@15 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65425
rdr-to 10.1.2.11 port 22
[ Evaluations: 520 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@16 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65424
rdr-to 10.1.2.12 port 22
[ Evaluations: 520 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@17 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65423
rdr-to 10.1.2.15 port 22
[ Evaluations: 520 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@18 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65420
rdr-to 10.1.2.143 port 22
[ Evaluations: 520 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@19 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 65419
rdr-to 10.1.2.144 port 22
[ Evaluations: 520 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@20 match in on pppoe0 inet proto tcp from any to (pppoe0:1) port = 46889 set (
prio 2 ) rdr-to 10.1.2.17 port 46889
[ Evaluations: 520 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@21 match in on pppoe0 inet proto udp from any to (pppoe0:1) port = 46889 set (
prio 2 ) rdr-to 10.1.2.17 port 46889
[ Evaluations: 414 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@22 match out on pppoe0 inet from <int_net:5> to any nat-to (pppoe0:0:1)
[ Evaluations: 27255 Packets: 2109442 Bytes: 1003145431 States: 10 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@23 pass in quick on pppoe0 inet proto tcp from any to any port = 22 flags S/SA
synproxy state reply-to pppoe0
[ Evaluations: 25634 Packets: 27856 Bytes: 2431526 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 98 ]
@24 pass in quick on pppoe0 inet proto tcp from any to any port = 52122 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 587 Packets: 49 Bytes: 11464 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 2 ]
@25 pass in quick on pppoe0 inet proto tcp from any to any port = 65432 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@26 pass in quick on pppoe0 inet proto tcp from any to any port = 65431 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@27 pass in quick on pppoe0 inet proto tcp from any to any port = 65430 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@28 pass in quick on pppoe0 inet proto tcp from any to any port = 65429 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@29 pass in quick on pppoe0 inet proto tcp from any to any port = 65428 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@30 pass in quick on pppoe0 inet proto tcp from any to any port = 65427 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@31 pass in quick on pppoe0 inet proto tcp from any to any port = 65426 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@32 pass in quick on pppoe0 inet proto tcp from any to any port = 65425 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@33 pass in quick on pppoe0 inet proto tcp from any to any port = 65424 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@34 pass in quick on pppoe0 inet proto tcp from any to any port = 65423 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@35 pass in quick on pppoe0 inet proto tcp from any to any port = 65420 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@36 pass in quick on pppoe0 inet proto tcp from any to any port = 65419 flags
S/SA synproxy state reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@37 pass in on pppoe0 inet proto tcp from any to any port = 119 flags S/SA
reply-to pppoe0
[ Evaluations: 585 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@38 pass in on pppoe0 inet proto tcp from any to any port = 80 flags S/SA
reply-to pppoe0
[ Evaluations: 585 Packets: 306 Bytes: 17612 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 146 ]
@39 pass in on pppoe0 inet proto udp from any to any port = 1194 reply-to pppoe0
[ Evaluations: 999 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@40 pass in on pppoe0 inet proto tcp from any to any port = 46889 flags S/SA
set ( prio 2 ) reply-to pppoe0
[ Evaluations: 999 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@41 pass in on pppoe0 inet proto udp from any to any port = 46889 set ( prio 2
) reply-to pppoe0
[ Evaluations: 496 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@0 block drop in on ! urtwn0 from (urtwn0:network:*) to any
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@1 block drop in from (urtwn0:*) to any
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@2 block drop in log quick on urtwn0 proto tcp from <sshguard:0> to any port =
22 label "ssh bruteforce_urtwn0"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@3 block drop in log quick on urtwn0 from <bogon:13> to any label
"bogon_in_urtwn0"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@4 block drop out log on urtwn0 from any to <bogon:13> label "bogon_out_urtwn0"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@5 pass out log on urtwn0 all flags S/SA label "out_urtwn0"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@6 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 80 rdr-to
10.1.2.18
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@7 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 6081 rdr-to
10.1.2.18
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@8 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 8080 rdr-to
10.1.2.18
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@9 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 9418 rdr-to
10.1.2.18 port 9418
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@10 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 119 rdr-to
10.1.2.10 port 119
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@11 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65429
rdr-to 10.1.2.18 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@12 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65428
rdr-to 10.1.2.30 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@13 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65427
rdr-to 10.1.2.31 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@14 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65426
rdr-to 10.1.2.33 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@15 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65425
rdr-to 10.1.2.11 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@16 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65424
rdr-to 10.1.2.12 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@17 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65423
rdr-to 10.1.2.15 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@18 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65420
rdr-to 10.1.2.143 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@19 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 65419
rdr-to 10.1.2.144 port 22
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@20 match in on urtwn0 inet proto tcp from any to (urtwn0:*) port = 46889
rdr-to 10.1.2.17 port 46889
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@21 match in on urtwn0 inet proto udp from any to (urtwn0:*) port = 46889
rdr-to 10.1.2.17 port 46889
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@22 match out on urtwn0 inet from ! (urtwn0:*) to any nat-to (urtwn0:0:*)
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@23 pass in quick on urtwn0 inet proto tcp from any to any port = 22 flags S/SA
synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@24 pass in quick on urtwn0 inet proto tcp from any to any port = 52122 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@25 pass in quick on urtwn0 inet proto tcp from any to any port = 65432 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@26 pass in quick on urtwn0 inet proto tcp from any to any port = 65431 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@27 pass in quick on urtwn0 inet proto tcp from any to any port = 65430 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@28 pass in quick on urtwn0 inet proto tcp from any to any port = 65429 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@29 pass in quick on urtwn0 inet proto tcp from any to any port = 65428 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@30 pass in quick on urtwn0 inet proto tcp from any to any port = 65427 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@31 pass in quick on urtwn0 inet proto tcp from any to any port = 65426 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@32 pass in quick on urtwn0 inet proto tcp from any to any port = 65425 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@33 pass in quick on urtwn0 inet proto tcp from any to any port = 65424 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@34 pass in quick on urtwn0 inet proto tcp from any to any port = 65423 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@35 pass in quick on urtwn0 inet proto tcp from any to any port = 65420 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@36 pass in quick on urtwn0 inet proto tcp from any to any port = 65419 flags
S/SA synproxy state reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@37 pass in on urtwn0 inet proto tcp from any to any port = 119 flags S/SA
reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@38 pass in on urtwn0 inet proto tcp from any to any port = 80 flags S/SA
reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
@39 pass in on urtwn0 inet proto udp from any to any port = 1194 reply-to urtwn0
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: uid 0 pid 20191 State Creations: 0 ]
obsd32:i386/tmp 2>sudo gdb
GNU gdb 6.3
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-unknown-openbsd5.8".
(gdb) file bsd.gdb
Reading symbols from /usr/obj/i386/tmp/bsd.gdb...done.
(gdb) target kvm bsd.2.core
#0 0xd0557ac8 in boot (howto=0) at ../../../../arch/i386/i386/machdep.c:2637
2637 dumpsys();
(gdb) bt
#0 0xd0557ac8 in boot (howto=0) at ../../../../arch/i386/i386/machdep.c:2637
#1 0xd03bb04f in reboot (howto=0) at ../../../../kern/kern_xxx.c:69
#2 0xd037f4b2 in db_boot_crash_cmd (addr=Could not find the frame base for
"db_boot_crash_cmd".
) at ../../../../ddb/db_command.c:730
#3 0xd037fb94 in db_command (last_cmdp=0x0, cmd_table=0xd0b22dc0) at
../../../../ddb/db_command.c:260
#4 0xd037fddf in db_command_loop () at ../../../../ddb/db_command.c:643
#5 0xd0383faa in db_trap (type=1, code=0) at ../../../../ddb/db_trap.c:94
#6 0xd0553edc in kdb_trap (type=1, code=0, regs=0xf5233d7c) at
../../../../arch/i386/i386/db_interface.c:157
#7 0xd0565af5 in trap (frame=0xf5233d7c) at
../../../../arch/i386/i386/trap.c:189
#8 0xd0200b12 in calltrap ()
#9 0xd0553c57 in Debugger () at ../../../../arch/i386/i386/db_interface.c:359
#10 0xd03c9791 in panic (fmt=0xd09a5231 "no appropriate pool for %d/%d") at
../../../../kern/subr_prf.c:214
#11 0xd037023b in pf_postprocess_addr (cur=Variable "cur" is not available.
) at ../../../../net/pf_lb.c:877
#12 0xd035174f in pf_unlink_state (cur=0xd5daf1c4) at ../../../../net/pf.c:1265
#13 0xd03518be in pf_purge_expired_states (maxcheck=8) at
../../../../net/pf.c:1354
#14 0xd03519a6 in pf_purge_thread (v=0xd608fba0) at ../../../../net/pf.c:1161
#15 0xd0200519 in proc_trampoline ()
(gdb) fr 11
#11 0xd037023b in pf_postprocess_addr (cur=Variable "cur" is not available.
) at ../../../../net/pf_lb.c:877
877 panic("no appropriate pool for %d/%d", cur->rule.ptr ?
(gdb) list
872 else if (nr->nat.addr.type != PF_ADDR_NONE)
873 rpool = nr->nat;
874 else if (nr->route.addr.type != PF_ADDR_NONE)
875 rpool = nr->route;
876 else
877 panic("no appropriate pool for %d/%d", cur->rule.ptr ?
878 cur->rule.ptr->nr : -1, nr->nr);
879
880 if (((rpool.opts & PF_POOL_TYPEMASK) != PF_POOL_LEASTSTATES))
881 return (0);
(gdb) info frame
Stack level 11, frame at 0xf5233ed4:
eip = 0xd037023b in pf_postprocess_addr (../../../../net/pf_lb.c:877); saved
eip 0xd035174f
called by frame at 0xf5233f34, caller of frame at 0xf5233e14
source language c.
Arglist at 0xf5233ecc, args: cur=Variable "cur" is not available.
(gdb) info locals
nr = Variable "nr" is not available.
(gdb) p nr->nr
Variable "nr" is not available.
(gdb) down
#10 0xd03c9791 in panic (fmt=0xd09a5231 "no appropriate pool for %d/%d") at
../../../../kern/subr_prf.c:214
214 Debugger();
(gdb) up
#11 0xd037023b in pf_postprocess_addr (cur=Variable "cur" is not available.
) at ../../../../net/pf_lb.c:877
877 panic("no appropriate pool for %d/%d", cur->rule.ptr ?
(gdb) up
#12 0xd035174f in pf_unlink_state (cur=0xd5daf1c4) at ../../../../net/pf.c:1265
1265 pf_postprocess_addr(cur);
(gdb) set height 0
(gdb) p cur
$1 = (struct pf_state *) 0xd5daf1c4
(gdb) p *cur
$2 = {id = 10665649818231553621, creatorid = 601369293, direction = 1 '\001',
pad = "\000\000", sync_list = {tqe_next = 0x0,
tqe_prev = 0x0}, entry_list = {tqe_next = 0xd5ead8c8, tqe_prev =
0xd5dbad38}, entry_id = {rbe_left = 0xd5da5384, rbe_right = 0x0,
rbe_parent = 0xd603c8c8, rbe_color = 0}, src = {scrub = 0x0, seqlo =
2206602467, seqhi = 4222343688, seqdiff = 0,
max_win = 65535, mss = 64, state = 11 '\v', wscale = 0 '\0', tcp_est = 0
'\0', pad = ""}, dst = {scrub = 0x0, seqlo = 0,
seqhi = 1, seqdiff = 0, max_win = 1, mss = 0, state = 0 '\0', wscale = 0
'\0', tcp_est = 0 '\0', pad = ""}, match_rules = {
slh_first = 0xd5f92db8}, rule = {ptr = 0xd5fac4fc, nr = 3589981436}, anchor
= {ptr = 0xd5fbb978, nr = 3590044024}, natrule = {
ptr = 0xd5fac4fc, nr = 3589981436}, rt_addr = {pfa = {v4 = {s_addr = 0}, v6
= {__u6_addr = {__u6_addr8 = '\0' <repeats 15 times>,
__u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}},
addr8 = '\0' <repeats 15 times>, addr16 = {0, 0, 0,
0, 0, 0, 0, 0}, addr32 = {0, 0, 0, 0}}}, src_nodes = {slh_first = 0x0},
key = {0xd601b5a8, 0xd601b5a8}, kif = 0xd1895200,
rt_kif = 0xd1951000, packets = {0, 0}, bytes = {0, 0}, creation = 532, expire
= 532, pfsync_time = 0, qid = 0, pqid = 0, tag = 0,
state_flags = 32, log = 0 '\0', timeout = 0 '\0', sync_state = 255 'ΓΏ',
sync_updates = 0 '\0', rtableid = {-1, 0},
min_ttl = 0 '\0', set_tos = 0 '\0', set_prio = "\000", max_mss = 0,
if_index_in = 7, if_index_out = 0, pad2 = "\000"}
(gdb) quit
