[Bug 255164] Panic with ipfw/nat under 13.0-RELEASE amd64
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255164 Mark Johnston changed: What|Removed |Added CC||ma...@freebsd.org Status|New |In Progress Assignee|i...@freebsd.org|ma...@freebsd.org -- You are receiving this mail because: You are the assignee for the bug. ___ freebsd-ipfw@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
[Bug 255164] Panic with ipfw/nat under 13.0-RELEASE amd64
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255164 --- Comment #6 from commit-h...@freebsd.org --- A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=652908599b6fa7285ee60cb567b97e70b648ac29 commit 652908599b6fa7285ee60cb567b97e70b648ac29 Author: Mark Johnston AuthorDate: 2021-04-21 19:38:01 + Commit: Mark Johnston CommitDate: 2021-04-21 19:47:05 + Add required checks for unmapped mbufs in ipdivert and ipfw Also add an M_ASSERTMAPPED() macro to verify that all mbufs in the chain are mapped. Use it in ipfw_nat, which operates on a chain returned by m_megapullup(). PR: 255164 Reviewed by:ae, gallatin MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D29838 sys/netinet/ip_divert.c | 6 ++ sys/netpfil/ipfw/ip_fw_nat.c | 1 + sys/netpfil/ipfw/nat64/nat64_translate.c | 10 ++ sys/sys/mbuf.h | 11 +++ 4 files changed, 28 insertions(+) -- You are receiving this mail because: You are the assignee for the bug. ___ freebsd-ipfw@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
[Bug 255164] Panic with ipfw/nat under 13.0-RELEASE amd64
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255164 --- Comment #5 from 0xcdcdc...@gmail.com --- I installed the patched ipdivert.ko and enabled the sendfile for nginx. A few hours passed, but still no panic. I will report it if it occurs. -- You are receiving this mail because: You are the assignee for the bug. ___ freebsd-ipfw@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
[Bug 255164] Panic with ipfw/nat under 13.0-RELEASE amd64
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255164 --- Comment #4 from 0xcdcdc...@gmail.com --- Thanks for your advices. I disabled the sendfile for nginx and confirmed that it works stably. I'm building a kernel with the patch you provided, so I'm going to apply it and check it out. -- You are receiving this mail because: You are the assignee for the bug. ___ freebsd-ipfw@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
[Bug 255164] Panic with ipfw/nat under 13.0-RELEASE amd64
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255164 --- Comment #3 from Joshua Kinard --- This might be related to the issue I reported in Bug #255104, where I get random crashes/panics shortly after activating a divert(4) rule in my IPFW firewall to route packets to Snort for inline inspection. WLAN traffic seems to more easily trigger it than wired LAN traffic. I'll look at trying to test this patch in the next few days to see if it resolves the issue somewhat (or makes it less likely to happen). -- You are receiving this mail because: You are the assignee for the bug. ___ freebsd-ipfw@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
[Bug 255164] Panic with ipfw/nat under 13.0-RELEASE amd64
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255164 --- Comment #2 from Andrey V. Elsukov --- Created attachment 224248 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=224248=edit proposed patch (untested) -- You are receiving this mail because: You are the assignee for the bug. ___ freebsd-ipfw@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
[Bug 255164] Panic with ipfw/nat under 13.0-RELEASE amd64
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255164 Andrey V. Elsukov changed: What|Removed |Added CC||a...@freebsd.org --- Comment #1 from Andrey V. Elsukov --- Did you try to disable sendfile for nginx? I think this can be related to lack of mb_unmapped_to_ext() call in ip_divert() code. ipfw_nat and ipfw_nat64 also seems need to be modified. Do you have saved core dump from this panic? -- You are receiving this mail because: You are the assignee for the bug. ___ freebsd-ipfw@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
[Bug 255164] Panic with ipfw/nat under 13.0-RELEASE amd64
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255164 Mark Linimon changed: What|Removed |Added Keywords||panic, regression Assignee|b...@freebsd.org|i...@freebsd.org -- You are receiving this mail because: You are the assignee for the bug. ___ freebsd-ipfw@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"