Subject: kern/4586: ipf -D causes kernel panic when used with ipnat
To: None <gnats-bugs@gnats.netbsd.org, darrenr@NetBSD.ORG>
From: None <scotte@intrepid.warped.com>
List: netbsd-bugs
Date: 11/27/1997 20:10:09
>Number:         4586
>Category:       kern
>Synopsis:       ipf -D causes kernel panic if ipnat is active.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people (Kernel Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Nov 27 12:20:01 1997
>Last-Modified:
>Originator:     Scott Ellis
>Organization:
None
	
>Release:        Nov 27, 1997<NetBSD-current source date>
>Environment:
NetBSD/i386 on Intel Pentium 100 w/3c509 and 3c590 ethernet
	
System: NetBSD Intrepid 1.3_ALPHA NetBSD 1.3_ALPHA (INTREPID3) #0: Thu Nov 27 10:59:47 PST 1997 scotte@Intrepid:/home/src/sys/arch/i386/compile/INTREPID3 i386


>Description:
ipnat loaded with the rules file-
map ep0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp
map ep0 192.168.1.0/24 -> 0/32 portmap tcp/udp 40000:60000
map ep0 192.168.1.0/24 -> 0/32

ipfilter enabled via rc.conf.  If root runs 'ipf -D', the system panics
with ddb showing the result of-

_free(f01c61b0,54,f3b77ca0,f014ad8f,f01c61b0) at _free+0x20
_ap_free(f01c61b0) at _ap_free+0x1c
_nat_clealist(f3b77cc0,f01488ff,f0149f48,3,0) at _nat_clealist+0x2f
_ip_natunload(f0149f48,3,0,f3b77cc4,3) at _ip_natunload+0x0
_ipl_disable(f3b77df4,2c00,f0831000,0,0) at ipl_diable+0x7b

	
>How-To-Repeat:
ipnat -f nat.rules && ipf -D 
	
>Fix:
Unknown.
	
>Audit-Trail:
>Unformatted: