From nobody@FreeBSD.org  Sat Oct 16 22:06:46 2004
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6560B16A4CE
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 16 Oct 2004 22:06:46 +0000 (GMT)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4173843D41
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 16 Oct 2004 22:06:46 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.12.11/8.12.11) with ESMTP id i9GM6jnW072525
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 16 Oct 2004 22:06:45 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.12.11/8.12.11/Submit) id i9GM6j4M072524;
	Sat, 16 Oct 2004 22:06:45 GMT
	(envelope-from nobody)
Message-Id: <200410162206.i9GM6j4M072524@www.freebsd.org>
Date: Sat, 16 Oct 2004 22:06:45 GMT
From: Berend <berend@kubus.cx>
To: freebsd-gnats-submit@FreeBSD.org
Subject: kernel panic with pf
X-Send-Pr-Version: www-2.3

>Number:         72772
>Category:       kern
>Synopsis:       kernel panic with pf
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    mlaier
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Oct 16 22:10:12 GMT 2004
>Closed-Date:    Mon Nov 08 12:43:28 GMT 2004
>Last-Modified:  Mon Nov 08 12:43:28 GMT 2004
>Originator:     Berend
>Release:        5.3-beta7
>Organization:
just student
>Environment:
FreeBSD farmaco.student.utwente.nl 5.3-BETA7 FreeBSD 5.3-BETA7 #0: Sat Oct 16 14:01:09 CEST 2004     root@farmaco.student.utwente.nl:/usr/obj/usr/src/sys/Farmaco  i386

>Description:
When I put this rule in the /etc/pf.conf file:
block return out on xl0 proto tcp from any to any port 139 user {1004,1005,1006,1007}
and I reload with pf -f /etc/pf.conf, the kernel hangs when I run as a user: telnet hostname_of_a_remote_machine 139 and I do ctrl + ] and type quit.
>How-To-Repeat:
See Full Description
>Fix:
I am not that smart ;)
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->mlaier 
Responsible-Changed-By: simon 
Responsible-Changed-When: Sat Oct 16 22:48:56 GMT 2004 
Responsible-Changed-Why:  
Over to pf maintainer. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=72772 

From: "Simon L. Nielsen" <simon@FreeBSD.org>
To: Berend <berend@kubus.cx>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: kern/72772: kernel panic with pf
Date: Sun, 17 Oct 2004 00:48:34 +0200

 --xtmLDbP6TiKhntQb
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 On 2004.10.16 22:06:45 +0000, Berend wrote:
 
 > >Synopsis:       kernel panic with pf
 [...]
 > When I put this rule in the /etc/pf.conf file:
 > block return out on xl0 proto tcp from any to any port 139 user {1004,100=
 5,1006,1007}
 > and I reload with pf -f /etc/pf.conf, the kernel hangs when I run as
 > a user: telnet hostname_of_a_remote_machine 139 and I do ctrl + ] and
 > type quit.
 
 Does it hang or panic (synopsis says panic)?
 
 If it panics, could you please try to obtain a kernel stack trace, as
 described in the FreeBSD Developers Handbook?
 
 --=20
 Simon L. Nielsen
 FreeBSD Documentation Team
 
 --xtmLDbP6TiKhntQb
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.2.6 (FreeBSD)
 
 iD8DBQFBcaVCh9pcDSc1mlERAlktAJ9dQuWko948+9ZrcPbXXmCU6BeiIQCgxSOv
 dne3mh89yQVsya0MqVLZXo8=
 =RR61
 -----END PGP SIGNATURE-----
 
 --xtmLDbP6TiKhntQb--
State-Changed-From-To: open->feedback 
State-Changed-By: mlaier 
State-Changed-When: Sun Oct 17 00:56:09 GMT 2004 
State-Changed-Why:  
This hang seems to be the one described in pf.conf(5)'s BUGS section. If you 
want to use user or group modifier you have to turn off debug.mpsafenet (=0) 

Please tell me if you already did have debug.mpsafenet=0, otherwise I'll 
close this PR. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=72772 

From: "Berend" <berend@kubus.cx>
To: freebsd-gnats-submit@FreeBSD.org
Cc:  
Subject: Re: kern/72772: kernel panic with pf
Date: Sun, 17 Oct 2004 11:01:20 +0200

 You are right, debug.mpsafenet =3D 1 on my system but I cannot change it=
  with sysclt because
 he says it's read only.
 If this is the solution for my problem, thanks for helping. In my man pf,=
  man pfctl and man pf.conf, there was no
 BUG section which tells me about this known bug.
 
 
 
 *********** REPLY SEPARATOR  ***********
 
 On 10/17/2004 at 12:58 AM Max Laier wrote:
 
 >Synopsis: kernel panic with pf
 >
 >State-Changed-From-To: open->feedback
 >State-Changed-By: mlaier
 >State-Changed-When: Sun Oct 17 00:56:09 GMT 2004
 >State-Changed-Why: 
 >This hang seems to be the one described in pf.conf(5)'s BUGS section. If
 >you
 >want to use user or group modifier you have to turn off debug.mpsafenet
 >(=3D0)
 >
 >Please tell me if you already did have debug.mpsafenet=3D0, otherwise I'll
 >close this PR.
 >
 >http://www.freebsd.org/cgi/query-pr.cgi?pr=3D72772
 
 
 
State-Changed-From-To: feedback->closed 
State-Changed-By: mlaier 
State-Changed-When: Sun Oct 17 14:46:23 GMT 2004 
State-Changed-Why:  
You must set debug.mpsafenet=0 in your loader.conf. It is a boot-time sysctl. 
The BUGS section was MFCed shortly after BETA7, sorry for the confusion. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=72772 

From: "Berend" <berend@kubus.cx>
To: "Max Laier" <mlaier@FreeBSD.org>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: kern/72772: kernel panic with pf
Date: Fri, 22 Oct 2004 11:05:06 +0200

 I got bad news, I tested like you said, I put debug.mpsafenet=3D0 in my=
  loader.conf and then I rebooted the system.
 When it came up, I tested with sysctl the value of debug.mpsafenet and it=
  was indeed 0. Then I reloaded my rules with pfctl and the system hung=
  again! so it is not solved with the debug.mpsafenet=3D0 setting.
 
 Greetz
 
 
 
 
State-Changed-From-To: closed->open 
State-Changed-By: mlaier 
State-Changed-When: Fri Oct 22 14:51:24 GMT 2004 
State-Changed-Why:  
Re-open due to failure message :- 

Is this with BETA7 still? I am not 100% sure what is in BETA7 exactly, but do 
you have a chance to move to RC1/RELENG_5 as of now? It really should not lock 
with Giant in place. 

Thanks for the report, I'll look into it some more. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=72772 

From: "Berend" <berend@kubus.cx>
To: "Max Laier" <mlaier@FreeBSD.org>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: kern/72772: kernel panic with pf
Date: Sat, 23 Oct 2004 18:17:52 +0200

 You are right, rc1 does not have the bug anymore. Thanks!
 
 
 *********** REPLY SEPARATOR  ***********
 
 On 22-10-2004 at 14:55 Max Laier wrote:
 
 >Synopsis: kernel panic with pf
 >
 >State-Changed-From-To: closed->open
 >State-Changed-By: mlaier
 >State-Changed-When: Fri Oct 22 14:51:24 GMT 2004
 >State-Changed-Why: 
 >Re-open due to failure message :-\
 >
 >Is this with BETA7 still? I am not 100% sure what is in BETA7 exactly, but
 >do
 >you have a chance to move to RC1/RELENG_5 as of now? It really should not
 >lock
 >with Giant in place.
 >
 >Thanks for the report, I'll look into it some more.
 >
 >http://www.freebsd.org/cgi/query-pr.cgi?pr=3D72772
 
 
 
State-Changed-From-To: open->closed 
State-Changed-By: mlaier 
State-Changed-When: Mon Nov 8 12:42:49 GMT 2004 
State-Changed-Why:  
Fixed according to reporter. Thanks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=72772 
>Unformatted:
