My apologies for sending this again. Apparently,
Yahoo's spellcheck feature is as good as Comcast's
when it comes to mangling the spellcheck function.
Please disregard my previous posting, and refer to
this one if you respond. Thanks.
Original Message:
-----------------
I have been running ipfilter 4.1.3 on Gentoo Linux
with kernel 2.4.26-r9 for the past couple of months.
My experience with it on Linux has been very good, and
I'd like to thank Darren for making it possible for
Linux users to use his outstanding firewall product to
protect our machines and networks. As always, great
work!
I have run into one problem that I'm hoping to get
resolved. When I run both ipfilter 4.1.3 and VMWare
4.5.2 build-8848 on my laptop, everything works great
until I attempt to shut down my machine. At some point
during the shutdown process, I start receiving the
following messages at the console:
--begin message--
unregister_netdevice: waiting for vmnet1 to become
free. Usage count = 4
--end message--
Notes:
- Shutdown continues, albeit at a slower pace, while
these messages are appearing. However, at some point,
the shutdown process hangs while the messages continue
to periodically appear. At that point, the only option
is to power the machine off.
- vmnet1 is sometimes the issue; other times, it is
vmnet8. I can't find a correlation between the
interface in the message and a particular VMWare
virtual machine (vm). All my vm's use both vmnet1 and
vmnet8 (one is a NAT interface, the other is a
host-only interface, FYI).
- In ipfilter rules, I reference the interfaces as
vmnet1 and vmnet8 (i.e. pass in on vmnet8 ...)
- If either ipfilter or VMWare is disabled from
starting, and the other application is started
normally, no shutdown problems occur.
- The problem only manifests itself at shutdown. No
other problems have been observed.
- I hacked my ipfilter startup script to check for the
presence of /dev/vmnet# devices, and to create them
using mknod if they don't exist. Didn't help.
- I have tried adding a series of commands to my
ipfilter shutdown script which flush the state table
and remove all rules before unloading ipfilter.o (ipf
-y, ipf -Fa, ipf -FS). Didn't help.
- I have played around with the order of
startup/shutdown of both ipfilter and VMWare. Didn't
help. FYI, my default configuration is set up so that
ipfilter starts immediately after my network interface
comes up (thus, before VMWare starts).
- I am unsure if this is relevant, but I had to hack
my ipfilter startup script to insert two five second
delays in order to get ipfilter to load and operate
properly on my system. Delay 1 is right before I
insmod ipfilter. Delay 2 is immediately after the
module load, and right before the ipf -f
/path/to/my/ipf.rules command.
- For comparison, when I was using netfilter/iptables
with VMWare, I didn't have any problems. However, I
would much rather use ipfilter.
Anyone have any thoughts about this problem? I could
go to VMWare for help, but I have a hunch that it
might be a waste of time and money.
Thanks for any assistance that you can provide.
Cheers,
=-Rob
__________________________________
Do you Yahoo!?
Check out the new Yahoo! Front Page.
www.yahoo.com
