Hi all. I have troubles running one server and recompiled kernel with
DDB/WITNESS. I'll post some LOR's I can find.
This one is highly reproducible as this happens each time sshguard adds
address to the table.
Mar 21 09:26:07 kohrah sshguard[5196]: Blocking 222.246.132.247:4 for
>945secs: 40 danger in 4 attacks over 45 seconds (all: 80d in 2 abuses
over 1079s).
Mar 21 09:26:07 kohrah kernel: uma_zalloc_arg: zone "pfrktable" with the
following non-sleepable locks held:
Mar 21 09:26:07 kohrah kernel: exclusive sleep mutex pf task mtx (pf
task mtx) r = 0 (0xffffffff81104bf0) locked @
/usr/src/sys/modules/pf/../../contrib/pf/net/pf_ioctl.c:1589
Mar 21 09:26:07 kohrah kernel: KDB: stack backtrace:
Mar 21 09:26:07 kohrah kernel: db_trace_self_wrapper() at
db_trace_self_wrapper+0x2b
Mar 21 09:26:07 kohrah kernel: kdb_backtrace() at kdb_backtrace+0x39
Mar 21 09:26:07 kohrah kernel: witness_warn() at witness_warn+0x434
Mar 21 09:26:07 kohrah kernel: uma_zalloc_arg() at uma_zalloc_arg+0x38
Mar 21 09:26:07 kohrah kernel: pfr_create_ktable() at pfr_create_ktable+0x33
Mar 21 09:26:07 kohrah kernel: pfr_add_addrs() at pfr_add_addrs+0x10b
Mar 21 09:26:07 kohrah kernel: pfioctl() at pfioctl+0x34ad
Mar 21 09:26:07 kohrah kernel: devfs_ioctl_f() at devfs_ioctl_f+0xf2
Mar 21 09:26:07 kohrah kernel: kern_ioctl() at kern_ioctl+0x1aa
Mar 21 09:26:07 kohrah kernel: sys_ioctl() at sys_ioctl+0x146
Mar 21 09:26:07 kohrah kernel: amd64_syscall() at amd64_syscall+0x211
Mar 21 09:26:07 kohrah kernel: Xfast_syscall() at Xfast_syscall+0xfb
Mar 21 09:26:07 kohrah kernel: --- syscall (54, FreeBSD ELF64,
sys_ioctl), rip = 0x800d9c82c, rsp = 0x7fffffffcd58, rbp =
0x7fffffffd1e0 ---
Mar 21 09:26:07 kohrah kernel: uma_zalloc_arg: zone "pfrkentry" with the
following non-sleepable locks held:
Mar 21 09:26:07 kohrah kernel: exclusive sleep mutex pf task mtx (pf
task mtx) r = 0 (0xffffffff81104bf0) locked @
/usr/src/sys/modules/pf/../../contrib/pf/net/pf_table.c:75
Mar 21 09:26:07 kohrah kernel: KDB: stack backtrace:
Mar 21 09:26:07 kohrah kernel: db_trace_self_wrapper() at
db_trace_self_wrapper+0x2b
Mar 21 09:26:07 kohrah kernel: kdb_backtrace() at kdb_backtrace+0x39
Mar 21 09:26:07 kohrah kernel: witness_warn() at witness_warn+0x434
Mar 21 09:26:07 kohrah kernel: uma_zalloc_arg() at uma_zalloc_arg+0x38
Mar 21 09:26:07 kohrah kernel: pfr_add_addrs() at pfr_add_addrs+0x37c
Mar 21 09:26:07 kohrah kernel: pfioctl() at pfioctl+0x34ad
Mar 21 09:26:07 kohrah kernel: devfs_ioctl_f() at devfs_ioctl_f+0xf2
Mar 21 09:26:07 kohrah kernel: kern_ioctl() at kern_ioctl+0x1aa
Mar 21 09:26:07 kohrah kernel: sys_ioctl() at sys_ioctl+0x146
Mar 21 09:26:07 kohrah kernel: amd64_syscall() at amd64_syscall+0x211
Mar 21 09:26:07 kohrah kernel: Xfast_syscall() at Xfast_syscall+0xfb
Mar 21 09:26:07 kohrah kernel: --- syscall (54, FreeBSD ELF64,
sys_ioctl), rip = 0x800d9c82c, rsp = 0x7fffffffcd58, rbp =
0x7fffffffd1e0 ---
Sample config:
Install security/sshguard-pf.
== /etc/pf.conf
table sshguard persist
==
== /etc/syslog.conf
auth.info;authpriv.info |exec /usr/local/sbin/sshguard
==
Try to ssh to the box typing garbage as password, after 4 fails client
address is temporarily banned and pushed to the table.
--
Sphinx of black quartz judge my vow.
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"