Re: [PATCH] IPSec fixes

From: <itojun_at_iijlab.net>
Date: Fri, 16 Jan 2004 15:44:34 +0900
>On Fri, 16 Jan 2004, Jun-ichiro itojun Hagino wrote:
>
>Hi,
>
>> 	the problem i have with the patch is, i have never experienced the
>> 	symptom with NetBSD.  no panic at all, no funny "SPD entry go away
>> 	when it has to stay" issue nor no "dangling pointer" issue.
>> 	could you show me your script which panics your FreeBSD box?  i will
>> 	try that on NetBSD-current box here.
>
>don't have a shell script but do it on command line by hand. This gives
>better logging to serial console when debugging what events occured
>when. The basic idea is:
>
>1. have racoon startup at boot time
>2. run setkey -f an_ipsec.conf
>	an_ipsec.conf:
>		spdflush;
>		spdadd ...
>		spdadd ...
>		spdadd ...
>		spdadd ...
>		...
>3. wait some short time (0-2 minutes) and perhaps do some traffic
>   I usually open a a ssh connection (no ipsec in that path) to my
>   directly connected syslog server, reattach a screen with some
>   tail -f on logfiles
>4. repeat step 2
>5. do s.th. like check netstat -s -p ipsec or just wait some seconds
>6. kill <pid of racoon>
>7. count to ten and wait for the panic to come

	this does not help me repeat the symptom.  could you cook up a shell
	script which panics your box? (if possible, only with setkey)

itojun
Received on Thu Jan 15 2004 - 21:44:41 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:38 UTC