After connecting to a PPPoE, fw3 crashes and leave the router completely isolated from internet.
It happens with multiple targets. This is from x86/64 in a VM:
Thu Dec 31 23:05:49 2020 user.notice firewall: Reloading firewall due to ifup of xxx (xxx)
Thu Dec 31 23:05:49 2020 kern.info kernel: [ 34.632472] fw3[3409]: segfault at 293531f0 ip 0000000000409353 sp 00007ffec12378f0 error 4 in fw3[404000+f000]
Thu Dec 31 23:05:49 2020 kern.info kernel: [ 34.632508] Code: 41 00 48 89 c6 e9 48 ff ff ff 48 8b 7c 24 08 48 8d 54 24 40 be e5 36 41 00 e8 2b bb ff ff eb ad 31 db 48 8b 44 24 08 48 ff c3 <48> 8b b8 c8 00 00 00 39 98 c0 00 00 00 7e 0c 48 8b 3c df ff 15 84
If I manually restart the firewall:
* Forward 'vpn' -> 'lan'
Zone 'lan'
Zone 'wan'
! Exception: interface name `pppoe-wanb_pppoe' must be shorter than IFNAMSIZ (15) ! Skipping due to previous exception (code 2)
Segmentation fault
The issue is only visible using a non-network console as after the firewall is gone, iptables is in a drop-all state.
fw3 should ignore the interface but not crash when this situation happens.
luci should prevent interface names/device names that will extrapolate IFNAMSIZ, specially PPPoE.
netifd should limit the number of extra chars in a device prefix (i.e.: "br-", "3g-") to make luci checks easier.
The text was updated successfully, but these errors were encountered:
luizluca:
After connecting to a PPPoE, fw3 crashes and leave the router completely isolated from internet.
It happens with multiple targets. This is from x86/64 in a VM:
Thu Dec 31 23:05:49 2020 user.notice firewall: Reloading firewall due to ifup of xxx (xxx)
Thu Dec 31 23:05:49 2020 kern.info kernel: [ 34.632472] fw3[3409]: segfault at 293531f0 ip 0000000000409353 sp 00007ffec12378f0 error 4 in fw3[404000+f000]
Thu Dec 31 23:05:49 2020 kern.info kernel: [ 34.632508] Code: 41 00 48 89 c6 e9 48 ff ff ff 48 8b 7c 24 08 48 8d 54 24 40 be e5 36 41 00 e8 2b bb ff ff eb ad 31 db 48 8b 44 24 08 48 ff c3 <48> 8b b8 c8 00 00 00 39 98 c0 00 00 00 7e 0c 48 8b 3c df ff 15 84
If I manually restart the firewall:
* Forward 'vpn' -> 'lan'
! Exception: interface name `pppoe-wanb_pppoe' must be shorter than IFNAMSIZ (15) ! Skipping due to previous exception (code 2)
Segmentation fault
The issue is only visible using a non-network console as after the firewall is gone, iptables is in a drop-all state.
fw3 should ignore the interface but not crash when this situation happens.
luci should prevent interface names/device names that will extrapolate IFNAMSIZ, specially PPPoE.
netifd should limit the number of extra chars in a device prefix (i.e.: "br-", "3g-") to make luci checks easier.
The text was updated successfully, but these errors were encountered: