From nobody@FreeBSD.ORG  Sun Sep 24 23:36:21 2000
Return-Path: <nobody@FreeBSD.ORG>
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 96B7837B42C; Sun, 24 Sep 2000 23:36:21 -0700 (PDT)
Message-Id: <20000925063621.96B7837B42C@hub.freebsd.org>
Date: Sun, 24 Sep 2000 23:36:21 -0700 (PDT)
From: x69@x69.net
Sender: nobody@FreeBSD.ORG
To: freebsd-gnats-submit@FreeBSD.org
Subject: ipfw + bridging + 4.x release = crash
X-Send-Pr-Version: www-1.0

>Number:         21534
>Category:       misc
>Synopsis:       ipfw + bridging + 4.x release = crash
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Sep 24 23:40:01 PDT 2000
>Closed-Date:    Fri Nov 24 17:54:47 PST 2000
>Last-Modified:  Thu Sep 13 12:42:02 GMT 2007
>Originator:     Gerard D.
>Release:        4.1-stable
>Organization:
skycom1
>Environment:
bash-2.04$ uname -a
FreeBSD freebsd.x69.net 4.1-RELEASE FreeBSD 4.1-RELEASE #5: Mon Sep 25 01:02:48 CDT 2000     root@freebsd.x69.net:/usr/src/sys/compile/x69  i386
>Description:
when i enable bridging and firewalling support into the kernel and set a firewall rule ie
ipfw add pipe 1 ip from any to any
ipfw pipe 1 config delay 20ms
or config any pipe it will make the system page fault and crash..
>How-To-Repeat:
add options IPFIREWALL and options DUMMYNET into the kernel
set the sysctl var net.link.ether.bridge=1 and net.link.ether.bridge_ipfw=1 then add a pipe like "ipfw add pipe 1 ip from any to any" then config the pipe like "ipfw pipe 1 config delay 20ms" and soon as any data passes through the bridge it will cause the kernel to pagefault..
>Fix:
i wish i knew..

>Release-Note:
>Audit-Trail:

From: Dima Dorfman <dima@unixfreak.org>
To: x69@x69.net
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: misc/21534: ipfw + bridging + 4.x release = crash
Date: Mon, 25 Sep 2000 01:35:54 -0700 (PDT)

 > 
 > >Number:         21534
 > >Category:       misc
 > >Synopsis:       ipfw + bridging + 4.x release = crash
 > >Confidential:   no
 > >Severity:       non-critical
 > >Priority:       medium
 > >Responsible:    freebsd-bugs
 > >State:          open
 > >Quarter:        
 > >Keywords:       
 > >Date-Required:
 > >Class:          sw-bug
 > >Submitter-Id:   current-users
 > >Arrival-Date:   Sun Sep 24 23:40:01 PDT 2000
 > >Closed-Date:
 > >Last-Modified:
 > >Originator:     Gerard D.
 > >Release:        4.1-stable
 > >Organization:
 > skycom1
 > >Environment:
 > bash-2.04$ uname -a
 > FreeBSD freebsd.x69.net 4.1-RELEASE FreeBSD 4.1-RELEASE #5: Mon Sep 25 01:02:48 CDT 2000     root@freebsd.x69.net:/usr/src/sys/compile/x69  i386
 > >Description:
 > when i enable bridging and firewalling support into the kernel and set a firewall rule ie
 > ipfw add pipe 1 ip from any to any
 > ipfw pipe 1 config delay 20ms
 
 Try adding a regular (non-dummynet) firewall rule.
 
 I tried this a few weeks ago, and I came to the conclusion that
 (bridging + ipfw) == okay, while (bridging + ipfw + dummynet) ==
 guaranteed panic.  I also saw a thread saying that this is a known
 problem without an easy fix (or something to that affect) so I didn't
 bother to do anything with it.
 
 Just FYI
 
 -- 
 Dima Dorfman <dima@unixfreak.org>
 Finger dima@unixfreak.org for my public PGP key.
 
 I've used up all my sick days so I'm calling in dead!
 
State-Changed-From-To: open->		 closed 
State-Changed-By: bmilekic 
State-Changed-When: Fri Nov 24 17:54:47 PST 2000 
State-Changed-Why:  
Fixed and committed in -CURRENT. Will be committed to -STABLE within the 
next 24 hours. I already have a PR assigned to this that I am leaving open 
until I commit it to -STABLE; I'm closing the others pertaining to this 
issue immediately. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=21534 
>Unformatted:
