Re: ipfstat not clearing the state table - a similar problem?

This is a discussion on Re: ipfstat not clearing the state table - a similar problem? within the IPFilter forums, part of the System Security and Security Related category; Simon A. Boggis wrote: > Darren Reed wrote: > >> Corey Johnston wrote: >> >>> Yeah, ...


Go Back   Usenet Forums > System Security and Security Related > IPFilter

Reload this Page Re: ipfstat not clearing the state table - a similar problem?

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 12-14-2006
Darren Reed
 
Posts: n/a
Default Re: ipfstat not clearing the state table - a similar problem?
Simon A. Boggis wrote:
> Darren Reed wrote:
>
>> Corey Johnston wrote:
>>
>>> Yeah, I'm having problems with that line too.
>>> Looks safe to me to change ISL_UNLOAD to 0.
>>>
>> For some reason ip_state.h must have escaped being in the diff.
>>
>> Using 0 will work better for you than what the actual one would :)
>>
>> Darren
>>
>>
>
> There's a problem with the patch - I've patched and rebuilt a test
> system before trying it on my live one, unfortunately:
>
> ipfstat -sl
>
> now dumps core:
>
> # cd /usr/src/ipfilter/ip_fil4.1.13_with_QM_patches_plus_Darrens_orph.pat ch
> # gdb BSD/FreeBSD-5.4-RELEASE-p22-i386/ipfstat /root/ipfstat.core
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain
> conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB. Type "show warranty" for details.
> This GDB was configured as "i386-marcel-freebsd"...
> Core was generated by `ipfstat'.
> Program terminated with signal 10, Bus error.
> Reading symbols from /lib/libncurses.so.5...done.
> Loaded symbols for /lib/libncurses.so.5
> Reading symbols from /lib/libkvm.so.2...done.
> Loaded symbols for /lib/libkvm.so.2
> Reading symbols from /lib/libc.so.5...done.
> Loaded symbols for /lib/libc.so.5
> Reading symbols from /libexec/ld-elf.so.1...done.
> Loaded symbols for /libexec/ld-elf.so.1
> #0 printstate (sp=0xc379c000, opts=262176, now=443)
> at ../../lib/printstate.c:24
> 24 if (sp->is_phnext == NULL)
> (gdb) bt
> #0 printstate (sp=0xc379c000, opts=262176, now=443)
> at ../../lib/printstate.c:24
> #1 0x0804abb4 in showipstates (ipsp=0xbfbfeafc) at
> ./../tools/ipfstat.c:983
> #2 0x08049b26 in main (argc=2, argv=0xbfbfeaf4) at
> ./../tools/ipfstat.c:376
> (gdb) frame 0
> #0 printstate (sp=0xc379c000, opts=262176, now=443)
> at ../../lib/printstate.c:24
> 24 if (sp->is_phnext == NULL)
> (gdb) print sp
> $1 = (ipstate_t *) 0xc379c000
> (gdb) print *sp
> Cannot access memory at address 0xc379c000
> (gdb) list
> 19 synclist_t ipsync;
> 20
> 21 if (kmemcpy((char *)&ips, (u_long)sp, sizeof(ips)))
> 22 return NULL;
> 23
> 24 if (sp->is_phnext == NULL)
> 25 PRINTF("ORPHAN ");
> 26 PRINTF("%s -> ", hostname(ips.is_v, &ips.is_src.in4));
> 27 PRINTF("%s pass %#x pr %d state %d/%d bkt %d\n",
> 28 hostname(ips.is_v, &ips.is_dst.in4)
>

he he he....change line 24 to be:

if (ips.is_phnext == NULL)

I don't know how this works for me on NetBSD but it does.

Darren

Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 03:55 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0