subject:"\[Bug 216719\] panic\: ipfw_check_frame\: unknown retval \- while trying to ipfw nat incoming packet without translation state \(can be L2 firewall related\)"

[Bug 216719] panic: ipfw_check_frame: unknown retval - while trying to ipfw nat incoming packet without translation state (can be L2 firewall related)

2017-02-28 Thread bugzilla-noreply

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=216719

smi...@nimnet.asn.au changed:

   What|Removed |Added

 CC||smi...@nimnet.asn.au

--- Comment #2 from smi...@nimnet.asn.au ---
(In reply to bsd from comment #1)

You have set net.link.ether.ipfw=1b

Are you using any rules for layer2 ?  If not, set that to 0.  If so,
likely best to follow the example in ipfw(8) /PACKET FLOW to separate
layer2 from layer 3 processing, otherwise every rule is tested on
both layer2 and layer 3 passes, i.e. usually on each of 4 passes.

Which is why adding 'not layer2'  to the nat rule fixed it here, but
other dragons may lie hidden in other rules checked at both layers.

But of course, it shouldn't panic .. backtrace looks all layer2.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-ipfw@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"

[Bug 216719] panic: ipfw_check_frame: unknown retval - while trying to ipfw nat incoming packet without translation state (can be L2 firewall related)

2017-02-28 Thread bugzilla-noreply

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=216719

--- Comment #1 from b...@kobyla.org ---
Adding the "not layer2" to ipfw nat rule helps to avoid this problem

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-ipfw@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"

[Bug 216719] panic: ipfw_check_frame: unknown retval - while trying to ipfw nat incoming packet without translation state (can be L2 firewall related)

2017-02-03 Thread bugzilla-noreply

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=216719

Mark Linimon  changed:

   What|Removed |Added

   Assignee|freebsd-b...@freebsd.org|freebsd-ipfw@FreeBSD.org

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-ipfw@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"

[Bug 216719] panic: ipfw_check_frame: unknown retval - while trying to ipfw nat incoming packet without translation state (can be L2 firewall related)

[Bug 216719] panic: ipfw_check_frame: unknown retval - while trying to ipfw nat incoming packet without translation state (can be L2 firewall related)

[Bug 216719] panic: ipfw_check_frame: unknown retval - while trying to ipfw nat incoming packet without translation state (can be L2 firewall related)

3 matches

Site Navigation

Mail list logo

Footer information