kern/38773: ipf/ipnat broken in 4.99.63

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: kern/38773: ipf/ipnat broken in 4.99.63
From: paul%whooppee.com@localhost
Date: Wed, 28 May 2008 00:15:00 +0000 (UTC)

>Number:         38773
>Category:       kern
>Synopsis:       ipf/ipnat broken in 4.99.63
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed May 28 00:15:00 +0000 2008
>Originator:     Paul Goyette
>Release:        4.99.63
>Organization:
>Environment:
NetBSD quicky.whooppee.com 4.99.63 NetBSD 4.99.63 (QUICKY (ASUS M2N32 WS) 
2008-05-23 19:09:17) #4: Sat May 24 05:04:53 PDT 2008  
paul%quicky.whooppee.com@localhost:/build/obj/amd64/sys/arch/amd64/compile/QUICKY
 amd64

>Description:
The recent import of ipf appears broken.

With no ipf rules defined, but with ipnat enabled, I am unable to ssh from 
another machine into the 4.99.63 box.  SSH -d shows that the TCP session is 
established, but fails during the key exchange.  I can open an ftp session but 
unable to perform an ls.  ICMP pings are properly responded to.  NFS mounts of 
remote file systems also work, but any attempt to to a 'df' or to otherwise 
access the mounted directory fails.

I'm suspecting a problem with packet size, but am unable to confirm.  I have 
had to revert this machine back to 4.99.62 (from May 14th) since I cannot 
disable ipnat (my VoIP gateway needs an IP address).
>How-To-Repeat:
See description.
>Fix:

Follow-Ups:
- Re: kern/38773: ipf/ipnat broken in 4.99.63
  - From: Manuel Bouyer

Prev by Date: Re: kern/38717: sysinst shouldn't create LFS file systems
Next by Date: Re: kern/38642 (hang during unmount of mfs:/tmp during reboot)
Previous by Thread: Re: port-i386/38772: can't reboot from install CD
Next by Thread: Re: kern/38773: ipf/ipnat broken in 4.99.63
Indexes:

Home | Main Index | Thread Index | Old Index