On Wed, May 28, 2003 at 05:35:05AM -0700, Greg Rumple wrote: > * Guido van Rooij ([EMAIL PROTECTED]) [030527 23:41]: > > On Tue, May 27, 2003 at 01:05:48PM -0700, Greg Rumple wrote: > > > Okay, I've built a FreeBSD 4.8 box (4.8-RELEASE) to be a firewall for a > > > very large internet site. The box is a Celeron 466 (Pentium 3 based) > > > with 256MB of ram (yeah I know, thrifty aren't I?). I'm using a very > > > complex setup (as this was built to replace a PIX, and therefore it was > > > configured to be a direct drop in replacement (hence the extremely > > > complex configuration)), and have it working fine short of 1 problem. > > > Every 12 hours now I experience a kernel panic. I built a debug kernel > > > and here is the backtrace (the relevant part at least) of the crash. > > > > I see this with a friend of mine as well. Do you happen to have ipv6 enabled > > on this system (even if you happen to have empty ipv6 rulesets for ipf)? > > Can you check, in the coredump, if ip_natin() argument > > ip points to an icmp packet? > > So far 2 crashs later, the packet in both cases in the ip_natin code > (print *ip) is a TCP packet.
DO you have a kernel with Ipv6? If not, this certainly does not apply to you. -Guido
