Project

General

Profile

Actions
Copy link

Bug #7552

closed

IPFW crashes on load or unload of modules

Added by Anthony Hernandez almost 7 years ago. Updated almost 7 years ago.

Status:
Rejected
Priority:
Low
Assignee:
-
Category:
Captive Portal
Target version:
-
Start date:
05/16/2017
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

https://customercare.netgate.com/requests/show/index/id/20338

Complete kernel crash on Netgate branded servers. Can't reproduce in Virtual environment (2.3 - 2.3.1) Tested on C2758 and XG2758 on 2.3.4 and 2.3 respectively

Simple script to reproduce within 20 seconds of running. REloading or editing Captive portal could produce a kernel dump in production environment. Starting doesn't cause the break, it's restarting captive portal service that causes this issue.

I'm arbitrarily setting this to high, as it affects all our servers in production when updating configs for captive portal that results in a restart of the service, and especially if there is only one captive portal running.

#!/bin/sh
while true ; do
/sbin/kldload ipfw.ko dummynet.ko;
/sbin/kldunload ipfw.ko dummynet.ko;
done

Actions
Copy link
 #1

Updated by Jim Pingle almost 7 years ago

  • Priority changed from Very High to Low

Nowhere in the pfSense source does it ever kldunload ipfw.ko or dummynet.ko.

Is there a way to replicate this using ONLY procedures involving the pfSense GUI or natural processes on the base system (no custom scripts)?

Actions
Copy link
 #2

Updated by Jim Pingle almost 7 years ago

  • Status changed from New to Feedback
Actions
Copy link
 #3

Updated by Anthony Hernandez almost 7 years ago

Jim Pingle wrote:

Nowhere in the pfSense source does it ever kldunload ipfw.ko or dummynet.ko.

Is there a way to replicate this using ONLY procedures involving the pfSense GUI or natural processes on the base system (no custom scripts)?

service_captiveportal calls on /etc/inc/captiveportal and I pulled the kldload/unload from that. Since restarting captive portal follows through with removing all captive portal entries and addding them again. Once it hits the last entry, it unloads the kernel modules, loads modules, adds in all the sysctl configuration options, and proceeds to randomly crash.

This mini script is to show what the complex UI is doing

/etc/inc/captiveportal.inc:166
function captiveportal_load_modules()

Actions
Copy link
 #4

Updated by Anthony Hernandez almost 7 years ago

Oi, you're right.

Actions
Copy link
 #5

Updated by Anthony Hernandez almost 7 years ago

Please close this, seems I made a mistake on how to employ our version of Captive portal, and thought the kldunload of the custom ipfw.ko was supported. I've modified my scripts to never unload a kernel, but check if the kernels are not loaded during startup.

Actions
Copy link
 #6

Updated by Jim Pingle almost 7 years ago

  • Status changed from Feedback to Rejected
  • Target version deleted (2.3.4-p1)
  • Affected Version deleted (2.3.x)
Actions
Copy link

Also available in: Atom PDF