SUMMARY: tcpd causes BAD TRAP Panic

From: Chris Dale (cccd@origma.newcastle.edu.au)
Date: Fri Aug 13 1993 - 08:35:28 CDT


SUMMARY of tcpd (log_tcp) causing BAD TRAP Panic's

My original question was:

> I have been using tcpd V5 to log activity on TCP/IP daemons for some
> time now on a SS2 running 4.1.1. I installed the tcpd (after re-compiling
> it) on a 630MP running 4.1.2 and it appeared to work fine until yesterday
> when it caused a Panic BAD TRAP fault to occur - Are there any known problems
> with using tcpd on the sun4m architecture ? Has anyone seen this occur
> before and if so what's the solution. log_tcp is to valuable to just give
> up on ?

As usual plenty of replies that nailed the problem ! Nearly everyone
replied saying that tcpd can tickle a SunOS Kernel bug when it is
compiled with the KILL_IP_OPTIONS turned on due to a bug in getsockopt().

The immediate workaround is to recompile making sure the KILL_IP_OPTIONS
is commented out.

The catch is that in V5.0 of log_tcp the KILL_IP_OPTIONS is enabled by
default.

In version 5.1 of log_tcp KILL_IP_OPTIONS is commented out by default. Thanks
to David Barr <barr@pop.psu.edu> who posted the entire V5.0 to V5.1 patch
from comp.soures.misc Vol36.

Many thanks to the following people who contributed:

eric@cc.uq.oz.au (Eric Halil)
"Theodore S. Kapela" <kapela@prism.poly.edu>
David Barr <barr@pop.psu.edu>
scheller@c3ot.saic.com (Mark J. Scheller)
Christopher Davis <ckd@eff.org>
"Karl S. Hagen" <greyhelm@me.ksu.edu>
stern@sunne.East.Sun.COM (Hal Stern)

In case you need to know what log_tcp package actually does: This is from
the README file of log_tcp by Wietse Venema (wietse@wzv.win.tue.nl).

> With this package you can monitor incoming connections to the SYSTAT,
> FINGER, FTP, TELNET, RLOGIN, RSH, EXEC, TFTP, TALK, and other network
> services.
>
> The package provides tiny daemon wrapper programs that can be installed
> without any changes to existing software or to existing configuration
> files. The wrappers report the name of the remote host and of the
> requested service; the wrappers do not exchange information with the
> remote client process, and impose no overhead on the actual
> communication between the client and server applications.
>
> Optional features are: access control to restrict what systems can
> connect to your network daemons; remote user name lookups with the RFC
> 931 protocol; additional protection against hosts that pretend to have
> someone elses host name; additional protection against hosts that
> pretend to have someone elses host address.

Regards,

/---------------------------------------------------------------------\
| Chris Dale - System Manager | Computer Systems Group |
|-------------------------------------| University Computing Services |
| Phone : +61 49 215512 | University of Newcastle |
| Fax : +61 49 684742 | University Drive, Callaghan |
| e-mail : cccd@frey.newcastle.edu.au | NSW 2308 Australia |
\---------------------------------------------------------------------/



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:08:06 CDT