[ previous ] [ next ] [ threads ]
 
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Cc:  Kasper Pedersen <m0n0list dash kkp2 at kasperkp dot dk>
 Subject:  Re: [m0n0wall] Post mortem autopsy on a dead monowall
 Date:  Sat, 25 Nov 2006 16:15:39 +0100
On 14.11.06 21:07 +0100, Manuel Kasper wrote:

> I should have more time to investigate this in detail later this
> week, but in the meantime, I converted the packets from your

Just a quick follow-up on this: I was unable to crash m0n0wall 1.22
(running on a net4801 in the default configuration) by sending it the
packets found in the memory dump from Kasper's machine - no matter
whether the firewall was set to block or to pass them. Behavior could
have been influenced by the contents of the state or NAT table on his
machine though...

I recommend that people who experience inexplicable lockups with
their m0n0walls frequently to try and run a packet sniffer on their
m0n0wall's WAN interface, and have it record all packets.

- Manuel