* Guido van Rooij ([EMAIL PROTECTED]) [030527 23:41]: > On Tue, May 27, 2003 at 01:05:48PM -0700, Greg Rumple wrote: > > Okay, I've built a FreeBSD 4.8 box (4.8-RELEASE) to be a firewall for a > > very large internet site. The box is a Celeron 466 (Pentium 3 based) > > with 256MB of ram (yeah I know, thrifty aren't I?). I'm using a very > > complex setup (as this was built to replace a PIX, and therefore it was > > configured to be a direct drop in replacement (hence the extremely > > complex configuration)), and have it working fine short of 1 problem. > > Every 12 hours now I experience a kernel panic. I built a debug kernel > > and here is the backtrace (the relevant part at least) of the crash. > > I see this with a friend of mine as well. Do you happen to have ipv6 enabled > on this system (even if you happen to have empty ipv6 rulesets for ipf)? > Can you check, in the coredump, if ip_natin() argument > ip points to an icmp packet?
So far 2 crashs later, the packet in both cases in the ip_natin code (print *ip) is a TCP packet. > > -Guido > -- Greg Rumple [EMAIL PROTECTED]
