# libunwind error while transfering file via boto3 from freebsd



## Ishayahu (Aug 20, 2020)

I try to transfer file from freebsd 12.1-RELEASE-p8 to yandex.cloud via boto3 (1.14.1) & python 3.7.8 with that script:


```
import boto3
KB = 1024
MB = KB * KB
BUCKET = 'uni21-backups'
login = 'login'
password = 'password'
backup_full_filename = r'/usr/local/etc/ipfw/rc.firewall'

s3 = boto3.resource(service_name = 's3', endpoint_url = 'https://storage.yandexcloud.net',
                    region_name = 'ru-central1',
                    aws_access_key_id = login,
                    aws_secret_access_key = password
                    )

from boto3.s3.transfer import TransferConfig
config = TransferConfig(multipart_threshold = 200 * MB, max_concurrency = 1,
                        multipart_chunksize = 200 * MB, use_threads = True)

s3.meta.client.upload_file(Bucket = BUCKET, Key = 'backup.rc.firewall', Filename = backup_full_filename, Config = config)
```

But on the last line I've got error:


```
libunwind: EHHeaderParser::decodeTableEntry: bad fde: CIE ID is not zero
libunwind: EHHeaderParser::decodeTableEntry: bad fde: CIE ID is not zero
```

As a result I see file backup.rc.firewall in bucket, but with zero length. What goes wrong?

UPD:during testing, it turned out that the problem occurs after building the kernel with the following options:


```
options IPFIREWALL # enable ipfw
options IPFIREWALL_DEFAULT_TO_ACCEPT # open ipfw by default
options IPFIREWALL_VERBOSE # enabling loggin ipfw
options IPFIREWALL_VERBOSE_LIMIT = 50 # limit on records in log for one rule
options IPDIVERT # for pockets forwarding
options IPFIREWALL_NAT # nat
options LIBALIAS # aliasing and dealiasing of IP packets, intended for masquerading and network address
```

because on a clean system it works well, and after building the kernel (and installing isc-dhcp44-server) error appears


----------



## VladiBG (Aug 20, 2020)

Chapter 32. Firewalls
					

FreeBSD has three firewalls built into the base system: PF, IPFW, and IPFILTER. This chapter covers how to define packet filtering rules, the differences between the firewalls built into FreeBSD and how to use them




					www.freebsd.org
				




*30.4.4. In-kernel NAT*
OR
*30.4.4.3. Userspace NAT*

Not both of them. You don't need to build a custom kernel as you can load them as modules. Stay with default kernel so you can use binary updates instead of building every time your custom kernel.

In-kernel NAT is using libalias(3) (packet aliasing library for NAT)
userspace natd(8) is using divert(4) (kernel packet diversion mechanism)


----------

