[rescue] IPFILTER woes
Derrick D. Daugherty
derrick at blinky-lights.org
Mon Feb 18 17:09:22 CST 2002
It's rumored that around Mon, Feb 18, 2002 at 05:39:09PM -0500
Brian Hechinger <wonko at arkham.ws> wrote:
> ok, so here's what happens. the machine locks dead. no panic, just stopped.
> i can break to the rom and reboot the machine. it happens at seemingly random
> intervals. i saw the posts about ipmon hanging solaris, but i have tried it
> with ipmon running and without ipmon running. hangs both ways.
i'm guessing this thing is actually pushing a buncha traffic? IIRC it's
a shared mem thang..you'll wanna set it in /etc/system and reboot..or if
you're feelin' really crazy you can alter the running kernel. if it's a
semi-fresh boot you could prolly do it. hell, if it's jsut a firewall
and no db to screw up might as well get adventerous and edit it live :D
the Panic! book would prolly cover it..maybe.. I dunno if they'd tell
someone how to break their system :)
but if ya want...
adb -wk /dev/ksyms /dev/mem (yer now in the guts of the live kernel)
shminfo_shmmax/D (take a peek at current setting, replace
with which one ya wanna see)
shminfo/W1000000 (10m in hex) or
shminfo/W0t16777216 in decimal.. for 64bit kernel use Z instead of W
trick is finding what good values would be...but i'm pretty sure that's
the issue. mebbe compile ipfilter with debugging symbols?
HTH
^D
More information about the rescue
mailing list