I had the same issues with IPFIlter v4.. I ended up downgrading to 3.4.35 and so far have no issues.. I have compiled them using Sun Studio 9 if you would like the packages..
Scott > is 9 kernal ver 12 with no problems at all. > > Does any one know why pfil is causing the panic and dump on teh sol9 > kernal ver 13? Please see the server data per the FAQ's below. The patch > cluster is current as of 12/04 and patch 112233-02 included. > > Thanks > > Dallas > > # uname - a > usage: uname [-snrvmapiX] > uname [-S system_name] > # uname -a > SunOS nsfone 5.9 Generic_117171-13 sun4u sparc SUNW,Sun-Blade-1000 > # isainfo -vk > 64-bit sparcv9 kernel modules > # ifconfig -a > lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 2 > inet 127.0.0.1 netmask ff000000 > eri0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3 > inet 206.168.68.96 netmask ffffff00 broadcast 206.168.68.255 > ether 0:3:ba:16:f6:cf > # netstat -m > streams allocation: > cumulative allocation > current maximum total failures > streams 288 357 19996 0 > queues 752 912 50105 0 > mblk 7584 9271 44657 0 > dblk 7582 9479 1284704 0 > linkblk 6 169 11 0 > strevent 8 169 4909 0 > syncq 15 48 53 0 > qband 2 127 2 0 > > 5650 Kbytes allocated for streams data > # netstat -i > Name Mtu Net/Dest Address Ipkts Ierrs Opkts Oerrs Collis > Queue > lo0 8232 loopback localhost 49839 0 49839 0 0 0 > eri0 1500 nsfone.fone.net nsfone.fone.net 95900 0 87238 6 0 > 0 > > # netstat -s -P ip > > IPv4 ipForwarding = 2 ipDefaultTTL = 255 > ipInReceives = 88072 ipInHdrErrors = 0 > ipInAddrErrors = 0 ipInCksumErrs = 0 > ipForwDatagrams = 0 ipForwProhibits = 0 > ipInUnknownProtos = 0 ipInDiscards = 0 > ipInDelivers =137489 ipOutRequests = 87821 > ipOutDiscards = 0 ipOutNoRoutes = 24 > ipReasmTimeout = 60 ipReasmReqds = 0 > ipReasmOKs = 0 ipReasmFails = 0 > ipReasmDuplicates = 0 ipReasmPartDups = 0 > ipFragOKs = 0 ipFragFails = 0 > ipFragCreates = 0 ipRoutingDiscards = 0 > tcpInErrs = 0 udpNoPorts = 679 > udpInCksumErrs = 0 udpInOverflows = 0 > rawipInOverflows = 0 ipsecInSucceeded = 0 > ipsecInFailed = 0 ipInIPv6 = 0 > # ipf -V > ipf: IP Filter: v4.1.3 (592) > Kernel: IP Filter: v4.1.3 > Running: yes > Log Flags: 0 = none set > Default: pass all, Logging: available > Active list: 1 > Feature mask: 0x187 > # ipfstat > bad packets: in 0 out 0 > IPv6 packets: in 0 out 0 > input packets: blocked 1340 passed 88838 nomatch 1 counted 0 > short 0 > output packets: blocked 118 passed 88515 nomatch 0 counted 0 short > 0 > input packets logged: blocked 0 passed 0 > output packets logged: blocked 0 passed 0 > packets logged: input 0 output 0 > log failures: input 0 output 0 > fragment state(in): kept 0 lost 0 not fragmented 0 > fragment state(out): kept 0 lost 0 not fragmented 0 > packet state(in): kept 1112 lost 0 > packet state(out): kept 26785 lost 118 > ICMP replies: 0 TCP RSTs sent: 0 > Invalid source(in): 0 > Result cache hits(in): 6400 (out): 0 > IN Pullups succeeded: 0 failed: 0 > OUT Pullups succeeded: 928 failed: 0 > Fastroute successes: 0 failures: 0 > TCP cksum fails(in): 0 (out): 0 > IPF Ticks: 4821 > Packet log flags set: (0) > none > # ipfstat -io > pass out quick on lo0 all > pass out quick on eri0 proto udp from any to any keep state > pass out quick on eri0 proto tcp from any to any keep state > pass out quick on eri0 proto icmp from any to any keep state > pass out quick on eri0 proto tcp from any to any port = imap keep state > pass out quick on eri0 proto tcp from any to any port = smtp keep state > pass out quick on eri0 proto tcp from any to any port = pop3 keep state > pass in quick on lo0 all > pass in quick on eri0 proto tcp from any to any port = ftp > pass in quick on eri0 proto tcp from any to any port = ftp-data > pass in quick on eri0 proto tcp from any port = ftp-data to any port > > 1023 > pass in quick on eri0 proto tcp from any to any port = domain > pass in quick on eri0 proto udp from any to any port = domain > pass in quick on eri0 proto tcp from any to any port = imap keep state > pass in quick on eri0 proto tcp from any to any port = smtp keep state > pass in quick on eri0 proto tcp from any to any port = www keep state > pass in quick on eri0 proto tcp from any to any port = 28080 keep state > pass in quick on eri0 proto tcp from any to any port = https > pass in quick on eri0 proto tcp from any to any port = 28080 > pass in quick on eri0 proto tcp from any to any port = pop3 keep state > pass in quick on eri0 proto tcp from 192.9.9.1/32 to any port = imap > pass in quick on eri0 proto tcp from 192.9.9.1/32 to any port = telnet > pass in quick on eri0 proto tcp from 192.9.9.1/32 to any port = ftp > pass in quick on eri0 proto tcp from 192.9.25.10/32 to any port = imap > pass in quick on eri0 proto tcp from 192.9.25.10/32 to any port = telnet > pass in quick on eri0 proto tcp from 192.9.25.10/32 to any port = ftp > pass in quick on eri0 proto tcp from 192.18.98.20/32 to any port = imap > pass in quick on eri0 proto tcp from 192.18.98.20/32 to any port = telnet > pass in quick on eri0 proto tcp from 192.18.98.20/32 to any port = ftp > pass in quick on eri0 proto tcp/udp from 206.168.68.0/24 to any port = ssh > keep sta > pass in quick on eri0 proto tcp/udp from 206.168.78.0/24 to any port = ssh > keep sta > pass in quick on eri0 proto tcp/udp from 206.168.248.0/24 to any port = > ssh keep st > pass in quick on eri0 proto tcp/udp from 206.168.249.0/24 to any port = > ssh keep st > pass in quick on eri0 proto tcp/udp from 206.168.250.0/24 to any port = > ssh keep st > pass in quick on eri0 proto tcp/udp from 206.168.251.0/24 to any port = > ssh keep st > pass in quick on eri0 proto tcp/udp from 206.168.252.0/24 to any port = > ssh keep st > pass in quick on eri0 proto tcp/udp from 206.168.253.0/24 to any port = > ssh keep st > pass in quick on eri0 proto tcp/udp from 207.174.182.0/24 to any port = > ssh keep st > pass in quick on eri0 proto tcp/udp from 207.174.192.0/24 to any port = > ssh keep st > pass in quick on eri0 proto tcp/udp from 199.3.18.0/24 to any port = ssh > keep state > pass in quick on eri0 proto tcp/udp from 199.3.123.0/24 to any port = ssh > keep stat > pass in quick on eri0 proto tcp/udp from 204.251.223.0/24 to any port = > ssh keep st > pass in quick on eri0 proto tcp/udp from 208.213.220.0/24 to any port = > ssh keep st > pass in quick on eri0 proto tcp/udp from 208.213.221.0/24 to any port = > ssh keep st > pass in quick on eri0 proto tcp/udp from 208.213.222.0/24 to any port = > ssh keep st > pass in quick on eri0 proto tcp/udp from 207.13.165.0/24 to any port = ssh > keep sta > pass in quick on eri0 proto tcp/udp from 63.170.195.0/24 to any port = ssh > keep sta > pass in quick on eri0 proto tcp/udp from 192.9.25.10/32 to any port = ssh > keep stat > pass in quick on eri0 proto tcp/udp from 192.18.98.20/32 to any port = ssh > keep sta > pass in quick on eri0 proto tcp/udp from 199.45.150.0/24 to any port = ssh > keep sta > pass in quick on eri0 proto tcp/udp from 148.65.1.154/32 to any port = ssh > keep sta > pass in quick on eri0 proto tcp/udp from 66.17.170.34/32 to any port = ssh > keep sta > pass in quick on eri0 proto tcp/udp from 66.17.168.249/32 to any port = > ssh keep st > pass in quick on eri0 proto tcp from 206.168.68.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 206.168.78.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 206.168.248.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 206.168.249.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 206.168.250.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 206.168.251.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 206.168.252.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 206.168.253.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 207.174.182.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 207.174.192.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 199.3.18.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 199.3.123.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 204.251.223.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 208.213.220.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 208.213.221.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 208.213.222.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 207.13.165.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 63.170.195.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 63.173.128.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 65.172.252.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 65.172.253.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 209.17.183.0/24 to any port = telnet > pass in quick on eri0 proto tcp from 148.65.1.154/32 to any port = telnet > pass in quick on eri0 proto tcp from 206.168.68.0/24 to any port = prism > keep state > pass in quick on eri0 proto tcp/udp from 206.168.68.36/32 to any keep > state > pass in quick on eri0 proto tcp/udp from 206.168.68.100/32 to any keep > state > pass in quick on eri0 proto tcp from 206.168.78.0/24 to any port = prism > pass in quick on eri0 proto tcp from 206.168.248.0/24 to any port = prism > pass in quick on eri0 proto tcp from 206.168.249.0/24 to any port = prism > pass in quick on eri0 proto tcp from 206.168.250.0/24 to any port = prism > pass in quick on eri0 proto tcp from 206.168.251.0/24 to any port = prism > pass in quick on eri0 proto tcp from 206.168.252.0/24 to any port = prism > pass in quick on eri0 proto tcp from 206.168.253.0/24 to any port = prism > pass in quick on eri0 proto tcp from 207.174.182.0/24 to any port = prism > pass in quick on eri0 proto tcp from 207.174.192.0/24 to any port = prism > pass in quick on eri0 proto tcp from 199.3.18.0/24 to any port = prism > pass in quick on eri0 proto tcp from 199.3.123.0/24 to any port = prism > pass in quick on eri0 proto tcp from 204.251.223.0/24 to any port = prism > pass in quick on eri0 proto tcp from 208.213.220.0/24 to any port = prism > pass in quick on eri0 proto tcp from 208.213.221.0/24 to any port = prism > pass in quick on eri0 proto tcp from 208.213.222.0/24 to any port = prism > pass in quick on eri0 proto tcp from 207.13.165.0/24 to any port = prism > pass in quick on eri0 proto tcp from 63.170.195.0/24 to any port = prism > pass in quick on eri0 proto tcp from 63.173.128.0/24 to any port = prism > pass in quick on eri0 proto udp from 206.168.68.0/24 to any port = radius > pass in quick on eri0 proto udp from 206.168.78.0/24 to any port = radius > pass in quick on eri0 proto udp from 206.168.248.0/24 to any port = radius > pass in quick on eri0 proto udp from 206.168.249.0/24 to any port = radius > pass in quick on eri0 proto udp from 206.168.250.0/24 to any port = radius > pass in quick on eri0 proto udp from 206.168.251.0/24 to any port = radius > pass in quick on eri0 proto udp from 206.168.252.0/24 to any port = radius > pass in quick on eri0 proto udp from 206.168.253.0/24 to any port = radius > pass in quick on eri0 proto udp from 207.174.182.0/24 to any port = radius > pass in quick on eri0 proto udp from 207.174.192.0/24 to any port = radius > pass in quick on eri0 proto udp from 199.3.18.0/24 to any port = radius > pass in quick on eri0 proto udp from 199.3.123.0/24 to any port = radius > pass in quick on eri0 proto udp from 204.251.223.0/24 to any port = radius > pass in quick on eri0 proto udp from 208.213.220.0/24 to any port = radius > pass in quick on eri0 proto udp from 208.213.221.0/24 to any port = radius > pass in quick on eri0 proto udp from 208.213.222.0/24 to any port = radius > pass in quick on eri0 proto udp from 207.13.165.0/24 to any port = radius > pass in quick on eri0 proto udp from 63.170.195.0/24 to any port = radius > pass in quick on eri0 proto udp from 63.173.128.0/24 to any port = radius > pass in quick on eri0 proto udp from 63.173.129.0/24 to any port = radius > pass in quick on eri0 proto udp from 206.168.68.0/24 to any port = radacct > pass in quick on eri0 proto udp from 206.168.78.0/24 to any port = radacct > pass in quick on eri0 proto udp from 206.168.248.0/24 to any port = > radacct > pass in quick on eri0 proto udp from 206.168.249.0/24 to any port = > radacct > pass in quick on eri0 proto udp from 206.168.250.0/24 to any port = > radacct > pass in quick on eri0 proto udp from 206.168.251.0/24 to any port = > radacct > pass in quick on eri0 proto udp from 206.168.252.0/24 to any port = > radacct > pass in quick on eri0 proto udp from 206.168.253.0/24 to any port = > radacct > pass in quick on eri0 proto udp from 207.174.182.0/24 to any port = > radacct > pass in quick on eri0 proto udp from 207.174.192.0/24 to any port = > radacct > pass in quick on eri0 proto udp from 199.3.18.0/24 to any port = radacct > pass in quick on eri0 proto udp from 199.3.123.0/24 to any port = radacct > pass in quick on eri0 proto udp from 204.251.223.0/24 to any port = > radacct > pass in quick on eri0 proto udp from 208.213.220.0/24 to any port = > radacct > pass in quick on eri0 proto udp from 208.213.221.0/24 to any port = > radacct > pass in quick on eri0 proto udp from 208.213.222.0/24 to any port = > radacct > pass in quick on eri0 proto udp from 207.13.165.0/24 to any port = radacct > pass in quick on eri0 proto udp from 63.170.195.0/24 to any port = radacct > pass in quick on eri0 proto udp from 63.173.128.0/24 to any port = radacct > pass in quick on eri0 proto udp from 63.173.129.0/24 to any port = radacct > pass in quick on eri0 proto udp from 206.168.68.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 206.168.78.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 206.168.248.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 206.168.249.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 206.168.250.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 206.168.251.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 206.168.252.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 206.168.253.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 207.174.182.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 207.174.192.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 199.3.18.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 199.3.123.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 204.251.223.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 208.213.220.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 208.213.221.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 208.213.222.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 207.13.165.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 63.170.195.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 63.173.128.0/24 to any port = 1642 > pass in quick on eri0 proto udp from 63.173.129.0/24 to any port = 1642 > pass in quick on eri0 proto tcp/udp from 206.168.68.165/32 to any > pass in quick on eri0 proto tcp/udp from 206.168.68.4/32 to any > pass in quick on eri0 proto tcp/udp from 206.168.68.27/32 to any > pass in quick on eri0 proto tcp/udp from 206.168.68.28/32 to any > pass in quick on eri0 proto tcp/udp from 206.168.68.2/32 to any > pass in quick on eri0 proto tcp/udp from 206.168.68.15/32 to any > pass in quick on eri0 proto icmp from any to any icmp-type timex code 0 > pass in quick on eri0 proto icmp from any to any > block in on eri0 proto udp from any to any > block return-rst in on eri0 proto tcp from any to any > block in on eri0 from any to any > > Panic errors from Core dump: > 000002a1003f6821 mutex_enter+4(3000c3afcf0, 0, 780da3e8, 2a1003f7150, > 3000a40dca4, cff3) > 000002a1003f68e1 fr_updatestate+0x98(2a1003f73c0, 3000c3afbf0, 780da3e8, > 2a1003f7424, 3000039976b, > 2a1003f7414) > 000002a1003f69b1 fr_checkstate+0x3e4(2a1003f73c0, 2a1003f73a8, > 2a1003f73c0, ffff95b8, 8, 8) > 000002a1003f6ab1 fr_check+0x784(3000a40dc90, 14, 30004c49ed8, 0, > 2a1003f7640, 2a1003f78a8) > 000002a1003f6ca1 pfil_precheck+0xfcc(30004790cc0, 2a1003f78a8, 1, > 30004c49ed8, 8f18e00, 0) > 000002a1003f6ef1 pfilmodrput+0x520(30004790cc0, 3001fde65c0, 20, 0, > 6f726700, 10001) > 000002a1003f7021 putnext+0x21c(0, 3001fde65c0, 300025184a0, 3510, 10, 0) > 000002a1003f70d1 eri_read_dma+0x35c(3001fde65c0, ffff, 780bfd04, 60, fc00, > 1) > 000002a1003f71c1 eri_intr+0x434(300047e6278, 1c000, 10220, 10278, 10290, > 10270) > 000002a1003f72a1 pci_intr_wrapper+0x7c(300024fbb18, 21d, 30002514000, > 2a1003f7d40, 43a0, 11caf40) > 000002a1003f7351 intr_thread+0x12c(78035d60, 0, 23, 1, 8, 8) > 000002a100669a71 get_unit+0x98(3000c3afbf0, 0, 20, 0, cea84460, > 3000a4bcec0) > 000002a100669b51 fr_stinsert+0x384(3000c3afbf0, 0, 1c, 4, 0, 0) > 000002a100669c31 fr_addstate+0x1154(2a10066aa00, 0, 0, 780dad53, 780d6c88, > 2a10066aa00) > 000002a10066a011 fr_firewall+0x5e4(2a10066aa00, 2a10066a9e8, 2a10066aa00, > 3, 0, 0) > 000002a10066a0f1 fr_check+0x7c4(30004cb95d8, 14, 30004c49ed8, 1, > 2a10066ac80, 2a10066aed8) > 000002a10066a2e1 pfil_precheck+0xfcc(30004790db0, 2a10066aed8, 2, > 30004c49ed8, 0, 0) > 000002a10066a531 pfilmodwput+0x260(30004790db0, 30010eaafc0, 20, > 30004cb95ec, 15cb52f2, 2000100) > 000002a10066a651 putnext+0x21c(0, 30010eaafc0, 0, 8000000, 800, > ba16f6cf0800) > 000002a10066a701 ip_wput_ire+0xacc(10000, 30000070030, 3, ffff, cea84460, > 30010eaafc0) > 000002a10066a8f1 ip_wput+0x4d4(0, 0, cea8440f, 30004cb95d8, 0, 6c) > 000002a10066a9a1 putnext+0x21c(0, 3000247ff80, 20, 0, 60, 10) > 000002a10066aa51 udp_wput+0x5b0(111, 14, 111, 30004cb95ec, 30004cb95d8, > 10) > 000002a10066ab21 putnext+0x21c(0, 30010e77a00, 20, 30010eaafc0, 0, 10) > 000002a10066abd1 strput+0x270(3000aacc318, 0, 0, 2a10066b698, 0, 0) > 000002a10066adc1 kstrputmsg+0x36c(3000b5c5ad0, 3000af5a1c0, 0, 0, 0, 0) > 000002a10066aea1 sosend_dgram+0x25c(0, 30010e1dd38, 10, 2a10066ba00, 8, > 67) > 000002a10066af91 sosendmsg+0x3f4(0, 30010e1dd38, 7, 20, 4c, 6c) > 000002a10066b051 sendit+0x15c(2a10066ba00, 8, 3000b5c5ad0, 8, 6c, 6c) > 000002a10066b121 sendto+0x78(17, ffbfea90, 109, 0, ffbfe9b0, 10) > 000002a10066b241 sendto32+0x3c(17, ffbfea90, 109, 0, ffbfe9b0, 10) > 000002a10066b2f1 syscall_trap32+0xa8(17, ffbfea90, 109, 0, ffbfe9b0, 10) > > load averages: 0.21, 0.19, 0.17 nsfone > 12:19:55 > 87 processes: 85 sleeping, 1 stopped, 1 on cpu > CPU states: % idle, % user, % kernel, % iowait, % swap > Memory: 8.0G real, 6.8G free, 609M swap in use, 15.0G swap free >
