Hi, [maxim cc'd as it seems he's already identified, but not fully solved the issue] I've just installed a machine with 5.4-RELEASE and upgraded it to 6.0 BETA1. I have some firewall rules loaded, and on bootup, ipfw fails with: ipfw in free(): error: modified (chunk-) pointer Abort trap (core dumped) when adding one particular rule (although it does succeed in adding it). ipfw is loaded as a module, and the ruleset is loaded with the following in rc.conf: firewall_enable="YES" firewall_script="/etc/ipfw.rules" firewall_logging="YES" /etc/ipfw.rules contains the following (minimal example): ipfw -q -f flush # Delete all rules cmd="ipfw add " # build rule prefix timeservers="{130.88.200.98 or 158.43.128.33 or 128.86.8.123 }" $cmd 00100 allow all from any to any via lo0 $cmd 00200 deny all from any to 127.0.0.0/8 $cmd 00300 deny ip from 127.0.0.0/8 to any $cmd 00500 check-state $cmd 00501 deny all from any to any frag $cmd 00502 deny tcp from any to any established $cmd 00600 allow udp from me to $timeservers ntp keep-state (notice the lack of space between the "{" and the IP address in the timeservers definition. This seems to be the root cause) On bootup, I see the following: ... 00600 allow udp from me to { 130.88.200.98 or dst-ip 158.43.128.33 or dst-ip 128.86.8.123 } dst-port 123 keep-state ipfw in free(): error: modified (chunk-) pointer Abort trap (core dumped) Note that I can't recreate this from multiuser, but it's 100% recreatable by rebooting the machine. Despite the fact that ipfw is able to parse the address list without a space in it, adding the space stops the Abort. This looks like the same problem discussed in December 2003 here: http://lists.freebsd.org/pipermail/freebsd-net/2003-December/002182.html The patch in http://lists.freebsd.org/pipermail/freebsd-net/2003-December/002182.html stops the Abort, but doesn't make ipfw work, instead it fails with "ipfw: hostname ``'' unknown" on the same line If anyone needs a patch testing, that's no problem. Thanks, GavinReceived on Mon Jul 25 2005 - 14:44:33 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:39 UTC