The following reply was made to PR kern/28921; it has been noted by GNATS.

From: Darren Reed <darrenr@NetBSD.org>
To: kim@tac.nyc.ny.us
Cc: gnats-bugs@netbsd.org
Subject: Re: kern/28921
Date: Mon, 18 Jul 2005 22:31:08 +0000

 Kim,
 
 I'm curious about this problem, to say the least.  Can you please apply
 the patch below to ipfilter, rebuild/reload and use gdb to set udpipfdebug
 to 1, capture some data and reset it back to 0 ?
 
 btw, can you add "log first" to the "keep state" rule that is being
 triggered ?
 
 Darren
 
 Index: fil.c
 ===================================================================
 RCS file: /devel/CVS/IP-Filter/fil.c,v
 retrieving revision 2.243.2.57
 diff -u -r2.243.2.57 fil.c
 --- fil.c       28 Mar 2005 10:47:50 -0000      2.243.2.57
 +++ fil.c       18 Jul 2005 07:34:23 -0000
 @@ -1138,6 +1138,7 @@
  /* IPv4 Only                                                                */
  /* Analyse the packet for IPv4/UDP properties.                              */
  /* ------------------------------------------------------------------------ */
 +int ipfudpdebug = 0;
  static INLINE void frpr_udp(fin)
  fr_info_t *fin;
  {
 @@ -1147,6 +1148,7 @@
         frpr_short(fin, sizeof(udphdr_t));
  
         frpr_udpcommon(fin);
 +if (ipfudpdebug) printf("UDP:%d,%d flx %x\n", fin->fin_sport, fin->fin_dport, fin->fin_flx);
  }