RE: mssclamp in 4.1

This is a discussion on RE: mssclamp in 4.1 within the IPFilter forums, part of the System Security and Security Related category; Darren, We are getting closer... 1. Install pfil 2. Reboot 3. Install ipf and ipfx 4. Test and everything working ...


Go Back   Usenet Forums > System Security and Security Related > IPFilter

Reload this Page RE: mssclamp in 4.1

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 02-17-2004
Adam Summerfield
 
Posts: n/a
Default RE: mssclamp in 4.1
Darren,

We are getting closer...

1. Install pfil
2. Reboot
3. Install ipf and ipfx
4. Test and everything working
5. pkill pppd and kernel panic (kernel messages below)
6. server reboots
7. can ping from server but ipnat -l shows no active sessions and nat not working
8. stop and restart ipf
9. can no longer ping from server
10. pkill pppd and kernel panic


Feb 17 19:06:06 bigpond unix: [ID 836849 kern.notice]
Feb 17 19:06:06 bigpond ^Mpanic[cpu0]/thread=30001448820:
Feb 17 19:06:06 bigpond unix: [ID 763660 kern.notice] recursive rw_enter, lp=78036a28 wwwh=30001448824 thread=30001448820
Feb 17 19:06:06 bigpond unix: [ID 100000 kern.notice]
Feb 17 19:06:06 bigpond genunix: [ID 723222 kern.notice] 000002a1005f1110 ipf:get_unit+6c (3000696ba28, 4, 0, 14000d0, 0, 5400)
Feb 17 19:06:06 bigpond genunix: [ID 179002 kern.notice] %l0-3: 0000000001400000 0000030001448820 0000030000056308
0000000000000000
Feb 17 19:06:06 bigpond %l4-7: 0000030000056308 0000030000056310 00000000014b0800 0000030002a38678
Feb 17 19:06:06 bigpond genunix: [ID 723222 kern.notice] 000002a1005f11f0 ipf:frsynclist+15c (3000696b918, 0, 20, c00000001ed80676,
1400000,
0)
Feb 17 19:06:06 bigpond genunix: [ID 179002 kern.notice] %l0-3: 000003000696b918 0000000000000000 000003000000efc8
ffffffffffffffff
Feb 17 19:06:06 bigpond %l4-7: 000003000000f170 000003000000f198 000003000000f1c0 00000300016475f0
Feb 17 19:06:06 bigpond genunix: [ID 723222 kern.notice] 000002a1005f12c0 ipf:frsync+8c (3000000f1c0, 0, 20, 0, 30001647618,
30002948d18)
Feb 17 19:06:06 bigpond genunix: [ID 179002 kern.notice] %l0-3: 000003000000efc8 00000300034852b8 00000300016475f0
0000000000000001
Feb 17 19:06:06 bigpond %l4-7: 0000030000008560 0000000000002200 00000300005ffd48 0000000001111824
Feb 17 19:06:07 bigpond genunix: [ID 723222 kern.notice] 000002a1005f1390 ipf:fr_qifsync+24 (0, 0, 30000a1d968, 1, 30000a1d968, 0)
Feb 17 19:06:07 bigpond genunix: [ID 179002 kern.notice] %l0-3: 00000300029489a0 0000000000000000 000003000000f1c0
0000030002948a08
Feb 17 19:06:07 bigpond %l4-7: 000003000000f198 0000030000008658 0000000000000000 00000300014ac4a0
Feb 17 19:06:07 bigpond genunix: [ID 723222 kern.notice] 000002a1005f1450 pfil:qif_delete+2a4 (30000a1d968, 30002948628, 20,
300007c7f18, 0,
0)
Feb 17 19:06:07 bigpond genunix: [ID 179002 kern.notice] %l0-3: 0000000000000000 000003000004caa8 0000030000014d40
00000300014ac4a0
Feb 17 19:06:07 bigpond %l4-7: 00000300016475f0 0000030002948718 0000000000000001 0000030002948628
Feb 17 19:06:07 bigpond genunix: [ID 723222 kern.notice] 000002a1005f1540 pfil:pfilmodclose+c8 (30002948628, 83, 3000025b928,
30002948840, 0,
ffbffa19)
Feb 17 19:06:07 bigpond genunix: [ID 179002 kern.notice] %l0-3: 0000000000000400 000000000000008f 0000000000000000
0000000000010001
Feb 17 19:06:07 bigpond %l4-7: 0000000000000100 0000000000007fff 0000000000000400 0000000000004400
Feb 17 19:06:07 bigpond genunix: [ID 723222 kern.notice] 000002a1005f1610 genunix:qdetach+a8 (30002948628, 1, 83, 3000025b928, 0,
31)
Feb 17 19:06:07 bigpond genunix: [ID 179002 kern.notice] %l0-3: 000000000138d568 0000030002948718 0000000000000000
00000300005bb170
Feb 17 19:06:07 bigpond %l4-7: 0000000000000083 000003000025b928 0000000000004400 0000000000000002
Feb 17 19:06:07 bigpond genunix: [ID 723222 kern.notice] 000002a1005f16c0 genunix:strclose+3c8 (83, 3000025b928, 300014ac528,
30002937c80, 10
0, 300007c7ee0)
Feb 17 19:06:07 bigpond genunix: [ID 179002 kern.notice] %l0-3: 00000000014916f0 00000300014ac520 00000300014ac4a0
0000030002948c28
Feb 17 19:06:07 bigpond %l4-7: 0000030002948caa 0000030002948718 0000000000000012 0000000000000080
Feb 17 19:06:07 bigpond genunix: [ID 723222 kern.notice] 000002a1005f1780 specfs:device_close+98 (30002937d98, 83, 3000025b928,
3000025b928,
2a1005f1aec, 5400)
Feb 17 19:06:07 bigpond genunix: [ID 179002 kern.notice] %l0-3: 0000000000000083 0000000000000000 000003000025b928
0000000000000000
Feb 17 19:06:07 bigpond %l4-7: 0000000000000000 00000300014ac520 0000000000000000 0000030002a38678
Feb 17 19:06:07 bigpond genunix: [ID 723222 kern.notice] 000002a1005f1830 specfs:spec_close+128 (30002937d78, fc00, 1, 0,
3000025b928, 0)
Feb 17 19:06:07 bigpond genunix: [ID 179002 kern.notice] %l0-3: 0000000000000100 0000000000000000 000000ba00000001
0000030002937d98
Feb 17 19:06:07 bigpond %l4-7: 0000000000000083 0000000000100083 0000030002937d90 0000030002937c78
Feb 17 19:06:07 bigpond genunix: [ID 723222 kern.notice] 000002a1005f18e0 genunix:closef+54 (3000266af60, 30001448820, 20, 100083,
3000025b92
8, 2a1005f1aec)
Feb 17 19:06:07 bigpond genunix: [ID 179002 kern.notice] %l0-3: 0000000001175c7c 0000000000000001 0000030002937d98
00000300029474a0
Feb 17 19:06:07 bigpond %l4-7: 0000000001491400 0000000000000028 000000000005d000 000000000005c800
Feb 17 19:06:07 bigpond genunix: [ID 723222 kern.notice] 000002a1005f1990 genunix:closeandsetf+380 (0, 3000266af60, 17, 30000000,
3000, ff00)
Feb 17 19:06:07 bigpond genunix: [ID 179002 kern.notice] %l0-3: 0000000000000000 00000300014b25a8 0000000000000050
0000000000000002
Feb 17 19:06:07 bigpond %l4-7: 00000300029474a0 0000000000000000 0000000000000000 0000000000000050
Feb 17 19:06:07 bigpond genunix: [ID 723222 kern.notice] 000002a1005f1a40 genunix:close+8 (2, 5317, 17, fffffff8, 0, ffbffa19)
Feb 17 19:06:07 bigpond genunix: [ID 179002 kern.notice] %l0-3: 0000000082001a07 0000000000000016 0000000000000000
0000000000000003
Feb 17 19:06:07 bigpond %l4-7: 0000000000000000 0000000080000000 0000030001448820 000002a1005f1ba0
Feb 17 19:06:07 bigpond unix: [ID 100000 kern.notice]



-----Original Message-----
From: Darren Reed [mailto:darrenr@reed.wattle.id.au]
Sent: Monday, 16 February 2004 10:05 PM
To: Adam Summerfield
Cc: 'Darren Reed'; ipfilter@coombs.anu.edu.au
Subject: Re: mssclamp in 4.1

This patch is for pfil and should resolve the panics.

Darren

Index: pfilstream.c
================================================== =================
RCS file: /devel/CVS/pfil/pfilstream.c,v
retrieving revision 1.56
diff -c -r1.56 pfilstream.c
*** pfilstream.c 2004/01/17 12:05:48 1.56
--- pfilstream.c 2004/02/16 10:55:44
***************
*** 202,208 ****
/* Function: pfilbind */
/* Returns: int - 0 == success, else error */
/* Parameters: q(I) - pointer to queue */
- /* Write Lock: pfil_rw */
/* */
/* Check to see if a queue (or the otherside of it) is missing a qif_t */
/* structure. If neither have one then allocate a new one, else copy the */
--- 202,207 ----
***************
*** 315,323 ****

#ifdef SIOCGTUNPARAM
case SIOCGTUNPARAM :
- WRITE_ENTER(&pfil_rw);
qif_attach(q);
- RW_EXIT(&pfil_rw);
break;
#endif

--- 314,320 ----
Index: SunOS/qif.c
================================================== =================
RCS file: /devel/CVS/pfil/SunOS/qif.c,v
retrieving revision 1.43
diff -c -r1.43 qif.c
*** qif.c 2004/01/15 11:24:01 1.43
--- qif.c 2004/02/16 10:57:40
***************
*** 263,269 ****
/* Function: qif_attach */
/* Returns: int - 0 == success, -1 == error in attaching qif_t to q */
/* Parameters: rq(I) - pointer to STREAMS read queue */
- /* Write Lock: pfil_rw */
/* */
/* Attempt to bind a qif_t structure to a specific interface given the */
/* queue pointer. Assumes the queue already has a qif_t structure tagged */
--- 263,268 ----
***************
*** 277,282 ****
--- 276,282 ----
qif_t *qif;
ill_t *ill;

+ WRITE_ENTER(&pfil_rw);
/*
* Can we map the queue to a specific ill? If not, go no futher, we
* are only interested in being associated with queues that we can
***************
*** 288,293 ****
--- 288,294 ----
cmn_err(CE_NOTE,
"PFIL: cannot find interface for rq %p",
(void *)rq);
+ RW_EXIT(&pfil_rw);
return -1;
}

***************
*** 312,319 ****
* all the information has been set with qf_bound finally set to 1
* after that.
*/
! if (qif->qf_bound == 1)
return 0;

qif->qf_sap = ill->ill_sap;
qif->qf_ppa = ill->ill_ppa;
--- 313,322 ----
* all the information has been set with qf_bound finally set to 1
* after that.
*/
! if (qif->qf_bound == 1) {
! RW_EXIT(&pfil_rw);
return 0;
+ }

qif->qf_sap = ill->ill_sap;
qif->qf_ppa = ill->ill_ppa;
***************
*** 325,330 ****
--- 328,334 ----
qif->qf_ill = ill;
qif->qf_bound = 1;
qif_ipmp_syncslave(qif);
+ RW_EXIT(&pfil_rw);

READ_ENTER(&pfh_sync.ph_lock);


Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 08:16 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0