port-sparc/40629: kernel panic under high network load using pf (and ipv6)

To: port-sparc-maintainer%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: port-sparc/40629: kernel panic under high network load using pf (and ipv6)
From: htodd%twofifty.com@localhost
Date: Fri, 13 Feb 2009 21:35:00 +0000 (UTC)
>Number:         40629
>Category:       port-sparc
>Synopsis:       kernel panic under high network load using pf (and ipv6)
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    port-sparc-maintainer
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Feb 13 21:35:00 +0000 2009
>Originator:     Hisashi T Fujinaka
>Release:        NetBSD 5.0_RC2
>Organization:
        none
>Environment:
        
        
System: NetBSD fls.i8u.org 5.0_RC2 NetBSD 5.0_RC2 (FLS) #11: Mon Feb 9 16:37:01 
PST 2009 
htodd%kerry.i8u.org@localhost:/home/obj/sys/arch/sparc/compile.sparc/FLS sparc
Architecture: sparc
Machine: sparc
>Description:
The current kernel appears to panic under high load network load on a 
SPARCclassic. I am attaching the dumps and some of the functions from nm.

Feb 12 22:33:32 fls /netbsd: gif_output: recursively called too many times(2)
data fault: pc=0xf0058124 addr=0xf4e66076 
sfsr=326<PERR=0,LVL=3,AT=1,FT=1,FAV,OW>
panic: kernel fault
Frame pointer is at 0xf4e65680
Call traceback:
  pc = 0xf0207268  args = (0x1, 0x5, 0x0, 0x0, 0xf028d000, 0xf4e6581c, 
0xf4e656e8) fp = 0xf4e656e8
  pc = 0xf0174720  args = (0x104, 0x0, 0xf0002000, 0x0, 0x41400fe3, 0xf00, 
0xf4e65758) fp = 0xf4e65758
  pc = 0xf020edcc  args = (0xf02687c8, 0xf0058124, 0xf4e66076, 0xf4e65830, 
0xf02c6000, 0x104, 0xf4e657c8) fp = 0xf4e657c8
  pc = 0xf0006254  args = (0x9, 0x326, 0xf4e66076, 0xf4e65908, 0x7, 0xe, 
0xf4e658a8) fp = 0xf4e658a8
  pc = 0xf00580cc  args = (0xf4e659c0, 0x28, 0xf4e659c0, 0xc, 0x0, 0x0, 
0xf4e65958) fp = 0xf4e65958
  pc = 0xf0060784  args = (0x0, 0x28, 0xef, 0xf4e659c0, 0xf05c60a0, 0xc, 
0xf4e659f8) fp = 0xf4e659f8
  pc = 0xf0062cb8  args = (0xf4e65bec, 0x1, 0xf055be00, 0x1, 0xfd18, 0x0, 
0xf4e65ad8) fp = 0xf4e65ad8
  pc = 0xf00662e8  args = (0x1, 0xf35dd010, 0xf4e65ccc, 0x0, 0x6, 0x1, 
0xf4e65c00) fp = 0xf4e65c00
  pc = 0xf01d0038  args = (0x0, 0xf4e65ccc, 0xf3a93408, 0x1, 0x0, 0x4, 
0xf4e65c68) fp = 0xf4e65c68
  pc = 0xf0012918  args = (0xf05177c0, 0xf4e65d84, 0xf3a93408, 0x1, 0x414000e4, 
0x41400fe4, 0xf4e65cd8) fp = 0xf4e65cd8
  pc = 0xf00133a8  args = (0xf35dd010, 0xfe02a000, 0x0, 0x440, 0x7, 0xf02b9288, 
0xf4e65d40) fp = 0xf4e65d40
  pc = 0xf0159f38  args = (0xf02b9000, 0xa4f3, 0x8, 0x2, 0xf3a95050, 
0xf027e6a0, 0xf4e65da8) fp = 0xf4e65da8
  pc = 0xf014c054  args = (0x1, 0xfe029010, 0x0, 0x2, 0xf3a95050, 0x40, 
0xf4e65e10) fp = 0xf4e65e10
  pc = 0xf020f3ec  args = (0xf47b9780, 0xf00a1208, 0xf0002000, 0x0, 0x0, 0x161, 
0xf4e65e78) fp = 0xf4e65e78
  pc = 0xf0006434  args = (0xfffffffe, 0xf44383e8, 0x20217110, 0xf4e65fb0, 0x0, 
0x2044b340, 0xf4e65f50) fp = 0xf4e65f50
  pc = 0x2021710c  args = (0x210e4, 0x0, 0xff800000, 0x20d59784, 0x0, 0x108, 
0xefffde20) fp = 0xefffde20

dumping to dev 7,1 offset 377867
dump dma0: error: csr=a4400212<ERR,DRAINING=0,IEN,ENDMA,BURST=0,FASTER,ALOADED>
esp0: DMA error; resetting
sd0: async, 8-bit transfers
i/o error
sd0(esp0:0:3:0): polling command not done
panic: scsipi_execute_xs
Frame pointer is at 0xf4e653e0
Call traceback:
  pc = 0xf0207268  args = (0x1, 0x5, 0x0, 0x0, 0xf028d000, 0xf4e65570, 
0xf4e65448) fp = 0xf4e65448
  pc = 0xf0174720  args = (0x104, 0x0, 0xf0002000, 0xf0002000, 0x41800fe4, 
0xf00, 0xf4e654b8) fp = 0xf4e654b8
  pc = 0xf01f4108  args = (0xf02610a8, 0xf3a93874, 0xf3a9014c, 0x0, 0xf02c6000, 
0x104, 0xf4e65528) fp = 0xf4e65528
  pc = 0xf01fbfe8  args = (0xf04e3150, 0xf4e65606, 0xa, 0x0, 0x0, 0x4, 
0xf4e65590) fp = 0xf4e65590
  pc = 0xf01fcc10  args = (0xf4333808, 0x103, 0x1, 0x41400fe0, 0x200, 
0xf4e65730, 0xf4e65618) fp = 0xf4e65618
  pc = 0xf015b9b0  args = (0xf4333808, 0x5, 0x0, 0x0, 0xf4e65730, 0xf02c7400, 
0xf4e65680) fp = 0xf4e65680
  pc = 0xf020714c  args = (0xf02b3400, 0x5, 0xf032f400, 0xfffff, 0xf028d000, 
0xf00, 0xf4e656e8) fp = 0xf4e656e8
  pc = 0xf0174720  args = (0x104, 0x0, 0xf0002000, 0x0, 0x41400fe3, 0xf00, 
0xf4e65758) fp = 0xf4e65758
  pc = 0xf020edcc  args = (0xf02687c8, 0xf0058124, 0xf4e66076, 0xf4e65830, 
0xf02c6000, 0x104, 0xf4e657c8) fp = 0xf4e657c8
  pc = 0xf0006254  args = (0x9, 0x326, 0xf4e66076, 0xf4e65908, 0x7, 0xe, 
0xf4e658a8) fp = 0xf4e658a8
  pc = 0xf00580cc  args = (0xf4e659c0, 0x28, 0xf4e659c0, 0xc, 0x0, 0x0, 
0xf4e65958) fp = 0xf4e65958
  pc = 0xf0060784  args = (0x0, 0x28, 0xef, 0xf4e659c0, 0xf05c60a0, 0xc, 
0xf4e659f8) fp = 0xf4e659f8
  pc = 0xf0062cb8  args = (0xf4e65bec, 0x1, 0xf055be00, 0x1, 0xfd18, 0x0, 
0xf4e65ad8) fp = 0xf4e65ad8
  pc = 0xf00662e8  args = (0x1, 0xf35dd010, 0xf4e65ccc, 0x0, 0x6, 0x1, 
0xf4e65c00) fp = 0xf4e65c00
  pc = 0xf01d0038  args = (0x0, 0xf4e65ccc, 0xf3a93408, 0x1, 0x0, 0x4, 
0xf4e65c68) fp = 0xf4e65c68
  pc = 0xf0012918  args = (0xf05177c0, 0xf4e65d84, 0xf3a93408, 0x1, 0x414000e4, 
0x41400fe4, 0xf4e65cd8) fp = 0xf4e65cd8
  pc = 0xf00133a8  args = (0xf35dd010, 0xfe02a000, 0x0, 0x440, 0x7, 0xf02b9288, 
0xf4e65d40) fp = 0xf4e65d40
  pc = 0xf0159f38  args = (0xf02b9000, 0xa4f3, 0x8, 0x2, 0xf3a95050, 
0xf027e6a0, 0xf4e65da8) fp = 0xf4e65da8
  pc = 0xf014c054  args = (0x1, 0xfe029010, 0x0, 0x2, 0xf3a95050, 0x40, 
0xf4e65e10) fp = 0xf4e65e10
  pc = 0xf020f3ec  args = (0xf47b9780, 0xf00a1208, 0xf0002000, 0x0, 0x0, 0x161, 
0xf4e65e78) fp = 0xf4e65e78
  pc = 0xf0006434  args = (0xfffffffe, 0xf44383e8, 0x20217110, 0xf4e65fb0, 0x0, 
0x2044b340, 0xf4e65f50) fp = 0xf4e65f50
  pc = 0x2021710c  args = (0x210e4, 0x0, 0xff800000, 0x20d59784, 0x0, 0x108, 
0xefffde20) fp = 0xefffde20

dumping to dev 7,1 offset 377867
dump device not ready
rebooting

trap type 0x7: pc=0xf010eab0 npc=0xf010eab4 psr=418000c6<S,PS>
panic: alignment fault
Frame pointer is at 0xf454f400
Call traceback:
  pc = 0xf0207268  args = (0x1, 0x5, 0x0, 0x0, 0xf028d000, 0xf454f5a0, 
0xf454f468) fp = 0xf454f468
  pc = 0xf0174720  args = (0x104, 0x0, 0xf0002000, 0x0, 0x419000e4, 0x0, 
0xf454f4d8) fp = 0xf454f4d8
  pc = 0xf020f2cc  args = (0xf0268998, 0x7, 0xf010eab0, 0xf010eab4, 0xf02c6000, 
0x104, 0xf454f548) fp = 0xf454f548
  pc = 0xf0006434  args = (0x7, 0x418000c6, 0xf010eab0, 0xf454f680, 0x414000e6, 
0x41400fe6, 0xf454f620) fp = 0xf454f620
  pc = 0xf010aaf8  args = (0xf02b1d88, 0xf4660000, 0xf454f7f0, 0xf4660000, 
0xffff, 0xf027e6a0, 0xf454f6d0) fp = 0xf454f6d0
  pc = 0xf020ee90  args = (0xf02b1d88, 0xf4660000, 0x1, 0x0, 0xffff, 
0xf4576000, 0xf454f810) fp = 0xf454f810
  pc = 0xf0006254  args = (0x9, 0x326, 0xf4660000, 0xf454f950, 0xf02b8d10, 0xe, 
0xf454f8f0) fp = 0xf454f8f0
  pc = 0xf005818c  args = (0xf454fa30, 0xf4660000, 0x8, 0x2, 0xf4660000, 
0xf454fa30, 0xf454f9a0) fp = 0xf454f9a0
  pc = 0xf0060784  args = (0x1, 0x28, 0xfffffa32, 0xf454fa08, 0xf05ab398, 0x18, 
0xf454fa40) fp = 0xf454fa40
  pc = 0xf0062cb8  args = (0xf454fc34, 0x1, 0xf055be00, 0x0, 0xffff, 
0x443d6323, 0xf454fb20) fp = 0xf454fb20
  pc = 0xf00662e8  args = (0x1, 0xf0675748, 0xf454fd14, 0x0, 0x6, 0x1, 
0xf454fc48) fp = 0xf454fc48
  pc = 0xf01d0038  args = (0x0, 0xf454fd14, 0xf3a93408, 0x1, 0x0, 0x4, 
0xf454fcb0) fp = 0xf454fcb0
  pc = 0xf0012918  args = (0xf05177c0, 0xf454fdcc, 0xf3a93408, 0x1, 0x0, 0x0, 
0xf454fd20) fp = 0xf454fd20
  pc = 0xf00133a8  args = (0xf0675748, 0x88, 0xffffffff, 0x1, 0x418000e2, 
0xf02b9288, 0xf454fd88) fp = 0xf454fd88
  pc = 0xf0159f38  args = (0xf02b9000, 0x1, 0x0, 0x1, 0x414000e3, 0x41400fe3, 
0xf454fdf0) fp = 0xf454fdf0
  pc = 0xf014c054  args = (0x5, 0x80, 0xf454feb4, 0x0, 0xf453ca80, 0x40, 
0xf454fe58) fp = 0xf454fe58
  pc = 0xf020e87c  args = (0xf453ca80, 0xf454ff20, 0xf454ff40, 0x5, 0xf453ca80, 
0xf0002000, 0xf454fec0) fp = 0xf454fec0
  pc = 0xf0006560  args = (0x45c, 0xf454ffb0, 0x20507884, 0x2, 0x0, 0xf0002000, 
0xf454ff50) fp = 0xf454ff50
  pc = 0x20305a04  args = (0x5, 0x0, 0x80, 0x549, 0x23, 0xfffffc00, 0x20ffeed0) 
fp = 0x20ffeed0

dumping to dev 7,1 offset 377867
dump dma0: error: csr=a4400212<ERR,DRAINING=0,IEN,ENDMA,BURST=0,FASTER,ALOADED>
esp0: DMA error; resetting
sd0: async, 8-bit transfers
i/o error
sd0(esp0:0:3:0): polling command not done
panic: scsipi_execute_xs
Frame pointer is at 0xf454f160
Call traceback:
  pc = 0xf0207268  args = (0x1, 0x5, 0x0, 0x0, 0xf028d000, 0xf454f2f0, 
0xf454f1c8) fp = 0xf454f1c8
  pc = 0xf0174720  args = (0x104, 0x0, 0xf0002000, 0xf0002000, 0x41800fe5, 
0xf00, 0xf454f238) fp = 0xf454f238
  pc = 0xf01f4108  args = (0xf02610a8, 0xf3a93874, 0xf3a9014c, 0x0, 0xf02c6000, 
0x104, 0xf454f2a8) fp = 0xf454f2a8
  pc = 0xf01fbfe8  args = (0xf04e3498, 0xf454f386, 0xa, 0x0, 0x0, 0x4, 
0xf454f310) fp = 0xf454f310
  pc = 0xf01fcc10  args = (0xf4333808, 0x103, 0x1, 0x41400fe1, 0x200, 
0xf454f4b0, 0xf454f398) fp = 0xf454f398
  pc = 0xf015b9b0  args = (0xf4333808, 0x5, 0x0, 0x0, 0xf454f4b0, 0xf02c7400, 
0xf454f400) fp = 0xf454f400
  pc = 0xf020714c  args = (0xf02b3400, 0x5, 0xf032f400, 0xfffff, 0xf028d000, 
0xf00, 0xf454f468) fp = 0xf454f468
  pc = 0xf0174720  args = (0x104, 0x0, 0xf0002000, 0x0, 0x419000e4, 0x0, 
0xf454f4d8) fp = 0xf454f4d8
  pc = 0xf020f2cc  args = (0xf0268998, 0x7, 0xf010eab0, 0xf010eab4, 0xf02c6000, 
0x104, 0xf454f548) fp = 0xf454f548
  pc = 0xf0006434  args = (0x7, 0x418000c6, 0xf010eab0, 0xf454f680, 0x414000e6, 
0x41400fe6, 0xf454f620) fp = 0xf454f620
  pc = 0xf010aaf8  args = (0xf02b1d88, 0xf4660000, 0xf454f7f0, 0xf4660000, 
0xffff, 0xf027e6a0, 0xf454f6d0) fp = 0xf454f6d0
  pc = 0xf020ee90  args = (0xf02b1d88, 0xf4660000, 0x1, 0x0, 0xffff, 
0xf4576000, 0xf454f810) fp = 0xf454f810
  pc = 0xf0006254  args = (0x9, 0x326, 0xf4660000, 0xf454f950, 0xf02b8d10, 0xe, 
0xf454f8f0) fp = 0xf454f8f0
  pc = 0xf005818c  args = (0xf454fa30, 0xf4660000, 0x8, 0x2, 0xf4660000, 
0xf454fa30, 0xf454f9a0) fp = 0xf454f9a0
  pc = 0xf0060784  args = (0x1, 0x28, 0xfffffa32, 0xf454fa08, 0xf05ab398, 0x18, 
0xf454fa40) fp = 0xf454fa40
  pc = 0xf0062cb8  args = (0xf454fc34, 0x1, 0xf055be00, 0x0, 0xffff, 
0x443d6323, 0xf454fb20) fp = 0xf454fb20
  pc = 0xf00662e8  args = (0x1, 0xf0675748, 0xf454fd14, 0x0, 0x6, 0x1, 
0xf454fc48) fp = 0xf454fc48
  pc = 0xf01d0038  args = (0x0, 0xf454fd14, 0xf3a93408, 0x1, 0x0, 0x4, 
0xf454fcb0) fp = 0xf454fcb0
  pc = 0xf0012918  args = (0xf05177c0, 0xf454fdcc, 0xf3a93408, 0x1, 0x0, 0x0, 
0xf454fd20) fp = 0xf454fd20
  pc = 0xf00133a8  args = (0xf0675748, 0x88, 0xffffffff, 0x1, 0x418000e2, 
0xf02b9288, 0xf454fd88) fp = 0xf454fd88
  pc = 0xf0159f38  args = (0xf02b9000, 0x1, 0x0, 0x1, 0x414000e3, 0x41400fe3, 
0xf454fdf0) fp = 0xf454fdf0
  pc = 0xf014c054  args = (0x5, 0x80, 0xf454feb4, 0x0, 0xf453ca80, 0x40, 
0xf454fe58) fp = 0xf454fe58
  pc = 0xf020e87c  args = (0xf453ca80, 0xf454ff20, 0xf454ff40, 0x5, 0xf453ca80, 
0xf0002000, 0xf454fec0) fp = 0xf454fec0
  pc = 0xf0006560  args = (0x45c, 0xf454ffb0, 0x20507884, 0x2, 0x0, 0xf0002000, 
0xf454ff50) fp = 0xf454ff50
  pc = 0x20305a04  args = (0x5, 0x0, 0x80, 0x549, 0x23, 0xfffffc00, 0x20ffeed0) 
fp = 0x20ffeed0

dumping to dev 7,1 offset 377867
dump device not ready
rebooting

As reference:
htodd@fls:~ > nm /netbsd | grep "^f0058"
f0058d94 T pf_free_state
f005807c T pf_modulate_sack
f0058c48 T pf_purge_expired_src_nodes
f0058f0c T pf_purge_expired_states
f00586ac T pf_send_icmp
f0058748 T pf_send_tcp
f0058228 T pf_socket_lookup
f005856c T pf_step_into_anchor
f0058418 T pf_step_out_of_anchor
f0058bd4 T pf_tbladdr_remove
f0058c10 T pf_tbladdr_setup
f0058b04 T pf_unlink_state

htodd@fls:~ > nm /netbsd | grep "^f010e"
f010e880 t clear_hints
f010eb58 T uvm_map_checkprot
f010e8e4 t uvm_map_compare_key
f010e8b8 t uvm_map_compare_nodes
f010ed88 T uvm_map_create
f010ea24 T uvm_map_lookup_entry
f010ec74 T uvm_map_reference
f010ece8 T uvm_map_setup
f010ebf8 T uvm_mapent_overhead
f010e960 t uvm_rb_fixup
f010eef8 t uvm_rb_insert
f010e910 t uvm_rb_maxgap
f010edc0 t uvm_rb_remove
f010eca0 T uvmspace_addref
f010eff4 T uvmspace_alloc
f010ef84 T uvmspace_init
f010eccc T uvmspace_share
f010ea14 T vm_map_busy
f010ec38 T vm_map_starved_p
f010ec30 T vm_map_to_kernel

ifconfig -a:
le0: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        address: 08:00:20:04:c5:75
        media: Ethernet autoselect (10baseT)
        status: active
        inet xxx.xxx.xxx.47 netmask 0xffffff00 broadcast xxx.xxx.xxx.255
        inet6 xxxx::xxx:xxxx:xxxx:c575%le0 prefixlen 64 scopeid 0x1
hme0: flags=8a63<UP,BROADCAST,NOTRAILERS,RUNNING,ALLMULTI,SIMPLEX,MULTICAST> 
mtu 1500
        capabilities=3c00<TCP4CSUM_Rx,TCP4CSUM_Tx,UDP4CSUM_Rx,UDP4CSUM_Tx>
        enabled=0
        address: 08:00:20:04:c5:75
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::a00:20ff:fe04:c575%hme0 prefixlen 64 scopeid 0x2
        inet6 xxxx:xxxx:xxx::1 prefixlen 64
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33192
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
        tunnel inet xxx.xxx.xxx.47 --> xxx.xxx.x.66
        inet6 xxxx:xxxx:xx:xx::2 -> xxxx:xxxx:xx:xx::1 prefixlen 128
        inet6 xxxx::xxx:xxxx:xxxx:c575%gif0 ->  prefixlen 64 scopeid 0x4

/etc/pf.conf:
# macros
ext_if = "le0"
int_if = "hme0"
tunnel_if = "gif0"

ext_server = ""
int_server = ""
bittorrent_host = ""

tcp_services = "{ ssh, smtp, http, https, imaps, ident }"
udp_services = "{ imaps, ident }"
icmp_types = "{ echoreq, echorep, unreach, timex }"

priv_nets = "{ 0.0.0.0/7, 2.0.0.0/8, 5.0.0.0/8, 10.0.0.0/8, 23.0.0.0/8, 
27.0.0.0/8, 31.0.0.0/8, 36.0.0.0/7, 39.0.0.0/8, 42.0.0.0/8, 46.0.0.0/8, 
49.0.0.0/8, 50.0.0.0/8, 100.0.0.0/6, 104.0.0.0/5, 112.0.0.0/6, 127.0.0.0/8, 
169.254.0.0/16, 172.16.0.0/12, 173.0.0.0/8, 174.0.0.0/7, 176.0.0.0/5, 
184.0.0.0/6, 192.0.2.0/24, 192.168.0.0/16, 197.0.0.0/8, 198.18.0.0/15, 
223.0.0.0/8, 224.0.0.0/3 }"

# options
set block-policy return
set loginterface $ext_if

scrub in all

####################
# nat/rdr
#nat on $ext_if from $int_if:network to any -> ($ext_if)
nat on $ext_if from !($ext_if) to any -> ($ext_if)

#ssh
rdr on $ext_if proto tcp from any to $ext_if port ssh -> $int_server port ssh

#smtp
rdr on $ext_if proto tcp from any to $ext_if port smtp -> $int_server port smtp

#http
rdr on $ext_if proto tcp from any to $ext_if port http -> $int_server port http

#https
rdr on $ext_if proto tcp from any to $ext_if port https -> $int_server port 
https

#imaps
rdr on $ext_if proto tcp from any to $ext_if port imaps -> $int_server port 
imaps
rdr on $ext_if proto udp from any to $ext_if port imaps -> $int_server port 
imaps

#ident
rdr on $ext_if proto tcp from any to { $ext_if, $tunnel_if } port ident -> 
$int_server port ident
rdr on $ext_if proto udp from any to $ext_if port ident -> $int_server port 
ident

#bittorrent
# rdr on $ext_if proto tcp from any to $ext_if port 50001 -> $bittorrent_host 
port 50001
# rdr on $ext_if proto udp from any to $ext_if port 50001 -> $bittorrent_host 
port 50001

####################
#block everything
# block log all
block all

#martians
# block drop in log quick on $ext_if from $priv_nets to any
# block drop out log quick on $ext_if from any to $priv_nets

####################
#allow loopback and internal
pass quick on { lo $int_if }

pass in on $ext_if inet proto tcp from any to $int_server port $tcp_services 
flags S/SA keep state
pass in on $tunnel_if inet proto tcp from any to $int_server port $tcp_services 
flags S/SA keep state
pass in on $ext_if inet proto udp from any to $int_server port $udp_services

# bittorrent
pass in on $ext_if inet proto tcp from any to $bittorrent_host port 50001 flags 
S/SA keep state
pass in quick on $ext_if inet proto udp from any to $bittorrent_host port 50001

# domain direct to router 
pass in on $ext_if inet proto tcp from any to $ext_server port domain flags 
S/SA keep state
pass in on $ext_if inet proto udp from any to $ext_server port domain

pass in inet proto icmp all icmp-type $icmp_types keep state

pass in  on $int_if from $int_if:network to any keep state
pass out on $int_if from any to $int_if:network keep state

pass out on $ext_if proto tcp all modulate state flags S/SA
pass out on $ext_if proto { udp, icmp } all keep state

pass out quick inet proto icmp from $ext_if to any keep state

####################
# ipv6

#icmp
# unreach    1   Destination unreachable
# toobig     2   Packet too big
# timex      3   Time Exceeded
# paramprob  4   Parameter problem
# echoreq    128 Echo Request
# echorep    129 Echo Reply
# groupqry   130 ICMPv6 Membership query
# listqry    130 MLD listener query
# grouprep   131 ICMPv6 membership report
# listenrep  131 MLD listener report
# groupterm  132 ICMPv6 membership termination
# listendone 132 MLD listener done
# routersol  133 ND router solicitation
# routeradv  134 ND router advertisement
# neighbrsol 135 ND neighbor solicitation
# neighbradv 136 ND neighbor advertisement
# redir      137 ND redirection
# routerrenum 138 ICMPv6 router renumbering
# wrureq     139 Who are you request
# wrurep     140 Who are you reply
# fqdnreq    139 ICMPv6 Fully Qualified Domain Name Query
# fqdnrep    140 ICMPv6 Fully Qualified Domain Name Reply
# nireq      139 Neighbor Information Query
# nirep      140 Neighbor Information Reply
# mtraceresp 200 MLD Multicast trace response
# mtrace     201 MLD Multicast trace

# pass in quick proto ipv6-icmp from any to any
pass in quick inet6 proto ipv6-icmp from any to any icmp6-type { echorep 
echoreq routersol routeradv neighbrsol neighbradv }
pass out quick proto ipv6-icmp from any to any keep state

# pass in log-all quick on $ext_if proto ipv6 all
pass out quick on $ext_if proto ipv6 all keep state
# pass in log-all quick on gif0 proto ipv6 all
pass out quick on gif0 all keep state


        
>How-To-Repeat:
Receive lots of traffic, wait.
        
>Fix:
Don't know.
        

>Unformatted:
Prev by Date: NetBSD Nightly Trouble Ticket Report
Next by Date: kern/40634: dostatvfs() broken when chroot to /
Previous by Thread: misc/40627: Manpage for netstat has flags not in alphabetical order.
Next by Thread: Re: port-sparc/40629: kernel panic under high network load using pf (and ipv6)
Indexes:
Home | Main Index | Thread Index | Old Index