Subject: Re: ipf reloading problem as of 2000.03.26?
To: Patrick Welche <prlw1@newn.cam.ac.uk>
From: R. C. Dowdeswell <elric@mabelode.imrryr.org>
List: current-users
Date: 03/29/2000 08:49:28
On 954323576 seconds since the Beginning of the UNIX epoch
Patrick Welche wrote:
>
>Actually, you're right, after the first rule, the packet would be
>"out on ne1", not "in on ne1" anyway => I shouldn't get a hang..
>
>How-to-repeat:
>boot single user
>ifconfig inet cards / add default route
>mount /usr
># ipf -E
>IP Filter: v3.3.8 initialized.  Default = pass all, Logging = enabled
># ipfstat -io
>empty list for ipfilter(out)
>empty list for ipfilter(in)
># ipf -Fa -f -
>pass in quick on ne0 to ne1 all
>pass in quick on ne1 to ne0 all
># ipfstat -io
>
>* hang *
>* drop into ddb / t *

You are getting the hang the first time your machine sees a broadcast
packet.  This, when sent out of interface foo, also comes back in
interface foo.  I had this problem a while back, and my quick hack was:

 == Roland Dowdeswell                      http://www.Imrryr.ORG/~elric/  ==
 == The Unofficial NetBSD Web Pages        http://www.Imrryr.ORG/NetBSD/  ==
 == The NetBSD Project                            http://www.NetBSD.ORG/  ==

--- fil.c       1999/05/10 07:24:08     1.1
+++ fil.c       1999/10/01 21:42:19     1.2
@@ -878,11 +878,16 @@
 
                if ((pass & FR_FASTROUTE) ||
                    (fdp->fd_ifp && fdp->fd_ifp != (struct ifnet *)-1)) {
+                       /* never fastroute by broadcast */
+                       m->m_flags &= ~(M_BCAST|M_MCAST);
                        ipfr_fastroute(m, fin, fdp);
                        m = *mp = NULL;
                }
-               if (mc)
+               if (mc) {
+                       /* never dup by broadcast */
+                       m->m_flags &= ~(M_BCAST|M_MCAST);
                        ipfr_fastroute(mc, fin, &fr->fr_dif);
+               }
        }
        if (!(pass & FR_PASS) && m)
                m_freem(m);
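
Review bot: In the `if (mc)` branch the added line clears M_BCAST|M_MCAST on `m`, but the mbuf passed to ipfr_fastroute() there is `mc`, so the duplicated packet keeps its broadcast/multicast flags and the "never dup by broadcast" comment does not hold. It is also a possible NULL dereference: the block just above sets `m = *mp = NULL` after fastrouting, so when both paths are taken `m->m_flags` is touched on a NULL pointer. Suggest changing the line to `mc->m_flags &= ~(M_BCAST|M_MCAST);`.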