can you tell me
upgrade IPFilter to what version ?
my box is freebsd 4.10 , IP Filter v3.4.31,
Darren Reed
[EMAIL PROTECTED]
say:
The best advice I can give you is to upgrade IPFilter on that box and recompile your kernel with it.
Darren
this problem how fix, who can help
me!
---------------------------------------------
List: ipfilter
Subject: IPNAT cause FreeBSD kernel crash
From: "Tang Li Yong" <tly () infosec ! pku ! edu ! cn>
Date: 2003-03-21 8:27:46
[Download message RAW]
It seems that there exists a very boring bug in IPNAT. Does anyone know how
to solve it?
Here's the description of this problem:
We must use ipnat to map our internal hosts to an address pool. First I
established a testing environment as below:
|
fxp0|192.168.101.10
+--+--+
| GW |
+--+--+
fxp1|10.0.0.1
|
+----------+---------- +
| | |
A (.11) B (.12) C (.13)
GW is a FreeBSD 4.7 box with ipfilter 3.4.29. A, B and C are 3 internal
hosts. The ipnat script in GW is:
map fxp0 from any to any -> 192.168.101.10-192.168.101.11 portmap
TCP/UDP auto
map fxp0 from any to any -> 192.168.101.10-192.168.101.11
I tried to "ping 192.168.101.1" on A, everything is OK. And then I tried to
"ping 192.168.101.1" on B without let A stop, everything is OK also. But
when C took part in this game, the GW crashed immediately. :-(
If I increased the number of the addresses in the pool, I can let more hosts
ping the same host simultaneously. But when the number of hosts goes beyond
the number of addresses, the same problem happen again.
I will be very glad if anybody can tell me how to do. Thanks ahead.
With best regards,
--Leroy Tang
---------------------------------------------
Subject: IPNAT cause FreeBSD kernel crash
From: "Tang Li Yong" <tly () infosec ! pku ! edu ! cn>
Date: 2003-03-21 8:27:46
[Download message RAW]
It seems that there exists a very boring bug in IPNAT. Does anyone know how
to solve it?
Here's the description of this problem:
We must use ipnat to map our internal hosts to an address pool. First I
established a testing environment as below:
|
fxp0|192.168.101.10
+--+--+
| GW |
+--+--+
fxp1|10.0.0.1
|
+----------+---------- +
| | |
A (.11) B (.12) C (.13)
GW is a FreeBSD 4.7 box with ipfilter 3.4.29. A, B and C are 3 internal
hosts. The ipnat script in GW is:
map fxp0 from any to any -> 192.168.101.10-192.168.101.11 portmap
TCP/UDP auto
map fxp0 from any to any -> 192.168.101.10-192.168.101.11
I tried to "ping 192.168.101.1" on A, everything is OK. And then I tried to
"ping 192.168.101.1" on B without let A stop, everything is OK also. But
when C took part in this game, the GW crashed immediately. :-(
If I increased the number of the addresses in the pool, I can let more hosts
ping the same host simultaneously. But when the number of hosts goes beyond
the number of addresses, the same problem happen again.
I will be very glad if anybody can tell me how to do. Thanks ahead.
With best regards,
--Leroy Tang
---------------------------------------------
