From owner-freebsd-pf@FreeBSD.ORG Mon Jan 6 11:06:52 2014 Return-Path: Delivered-To: freebsd-pf@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 186756FD for ; Mon, 6 Jan 2014 11:06:52 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 035851088 for ; Mon, 6 Jan 2014 11:06:52 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id s06B6p7j045329 for ; Mon, 6 Jan 2014 11:06:51 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id s06B6pSY045327 for freebsd-pf@FreeBSD.org; Mon, 6 Jan 2014 11:06:51 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 6 Jan 2014 11:06:51 GMT Message-Id: <201401061106.s06B6pSY045327@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-pf@FreeBSD.org Subject: Current problem reports assigned to freebsd-pf@FreeBSD.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jan 2014 11:06:52 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/182401 pf [pf] pf state for some IPs reaches 4294967295 suspicou o kern/182350 pf [pf] core dump with packet filter -- pf_overlad_task o kern/179392 pf [pf] [ip6] Incorrect TCP checksums in rdr return packe o kern/177810 pf [pf] traffic dropped by accepting rules is not counted o kern/177808 pf [pf] [patch] route-to rule forwarding traffic inspite o kern/176268 pf [pf] [patch] synproxy not working with route-to o kern/173659 pf [pf] PF fatal trap on 9.1 (taskq fatal trap on pf_test o bin/172888 pf [patch] authpf(8) feature enhancement o kern/172648 pf [pf] [ip6]: 'scrub reassemble tcp' breaks IPv6 packet o kern/171733 pf [pf] PF problem with modulate state in [regression] o kern/169630 pf [pf] [patch] pf fragment reassembly of padded (undersi o kern/168952 pf [pf] direction scrub rules don't work o kern/168190 pf [pf] panic when using pf and route-to (maybe: bad frag o kern/166336 pf [pf] kern.securelevel 3 +pf reload o kern/165315 pf [pf] States never cleared in PF with DEVICE_POLLING o kern/164402 pf [pf] pf crashes with a particular set of rules when fi o kern/164271 pf [pf] not working pf nat on FreeBSD 9.0 [regression] o kern/163208 pf [pf] PF state key linking mismatch o kern/160370 pf [pf] Incorrect pfctl check of pf.conf o kern/155736 pf [pf] [altq] borrow from parent queue does not work wit o kern/153307 pf [pf] Bug with PF firewall o kern/148290 pf [pf] "sticky-address" option of Packet Filter (PF) blo o kern/148260 pf [pf] [patch] pf rdr incompatible with dummynet o kern/147789 pf [pf] Firewall PF no longer drops connections by sendin o kern/143543 pf [pf] [panic] PF route-to causes kernel panic o bin/143504 pf [patch] outgoing states are not killed by authpf(8) o conf/142961 pf [pf] No way to adjust pidfile in pflogd o conf/142817 pf [patch] etc/rc.d/pf: silence pfctl o kern/141905 pf [pf] [panic] pf kernel panic on 7.2-RELEASE with empty o kern/140697 pf [pf] pf behaviour changes - must be documented o kern/137982 pf [pf] when pf can hit state limits, random IP failures o kern/136781 pf [pf] Packets appear to drop with pf scrub and if_bridg o kern/135948 pf [pf] [gre] pf not natting gre protocol o kern/134996 pf [pf] Anchor tables not included when pfctl(8) is run w o kern/133732 pf [pf] max-src-conn issue o conf/130381 pf [rc.d] [pf] [ip6] ipv6 not fully configured when pf st o kern/127920 pf [pf] ipv6 and synproxy don't play well together o conf/127814 pf [pf] The flush in pf_reload in /etc/rc.d/pf does not w o kern/127121 pf [pf] [patch] pf incorrect log priority o kern/127042 pf [pf] [patch] pf recursion panic if interface group is o kern/125467 pf [pf] pf keep state bug while handling sessions between s kern/124933 pf [pf] [ip6] pf does not support (drops) IPv6 fragmented o kern/122773 pf [pf] pf doesn't log uid or pid when configured to o kern/122014 pf [pf] [panic] FreeBSD 6.2 panic in pf o kern/120281 pf [pf] [request] lost returning packets to PF for a rdr o kern/120057 pf [pf] [patch] Allow proper settings of ALTQ_HFSC. The c o bin/118355 pf [pf] [patch] pfctl(8) help message options order false o kern/114567 pf [pf] [lor] pf_ioctl.c + if.c o kern/103283 pf pfsync fails to sucessfully transfer some sessions o kern/93825 pf [pf] pf reply-to doesn't work o sparc/93530 pf [pf] Incorrect checksums when using pf's route-to on s o kern/92949 pf [pf] PF + ALTQ problems with latency o kern/87074 pf [pf] pf does not log dropped packets when max-* statef a kern/86752 pf [pf] pf does not use default timeouts when reloading c o bin/86635 pf [patch] pfctl(8): allow new page character (^L) in pf. o kern/82271 pf [pf] cbq scheduler cause bad latency 56 problems total. From owner-freebsd-pf@FreeBSD.ORG Mon Jan 6 18:53:51 2014 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 09DC1932; Mon, 6 Jan 2014 18:53:51 +0000 (UTC) Received: from sasl.smtp.pobox.com (a-pb-sasl-quonix.pobox.com [208.72.237.25]) by mx1.freebsd.org (Postfix) with ESMTP id ACFBF1F3D; Mon, 6 Jan 2014 18:53:50 +0000 (UTC) Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTP id 59EF7FD8E; Mon, 6 Jan 2014 13:53:41 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=date :message-id:from:to:cc:subject:in-reply-to:references :mime-version:content-type:content-transfer-encoding; s=sasl; bh=8LnIAoroNQjkVBAXGi1mOe0KAX8=; b=p+dPmSo8f8gX2aKAsZapZ1IhuxN6 5r0GDWdLO850dTZQMTGK/I1w0/QdYniosdVP+j+W/XVBwkyRrbu+IHn6dggYhWov jVd7dROyjRRVNtdjxbJtWTZDZkZdy6IYQEkYGnnsAzpZVA3bv/caZ0nOxsYkIiTy BFwB9faTttuoxpM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=date:message-id :from:to:cc:subject:in-reply-to:references:mime-version :content-type:content-transfer-encoding; q=dns; s=sasl; b=ARR6tL 2T0tz338a9sjmox6LcSxS/O5oatJHZ+7N+i8glOmL6YGjLRUDkY0qMm4kN+Z+8DP MOz6tYFxx5r6WQLMCinuUuHmCFvMljjejLdJXIK7o/cacA9ycrLGZ3M7ruuI/ezp S8NN1z1zkxBJG0BiuhROqLSsL+tvjI200krUk= Received: from a-pb-sasl-quonix.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTP id 51B34FD8D; Mon, 6 Jan 2014 13:53:41 -0500 (EST) Received: from bmach.nederware.nl (unknown [27.252.205.69]) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTPA id 9B9F0FD8C; Mon, 6 Jan 2014 13:53:40 -0500 (EST) Received: from quadrio.nederware.nl (quadrio.nederware.nl [192.168.33.13]) by bmach.nederware.nl (Postfix) with ESMTP id 420D928AA2; Tue, 7 Jan 2014 07:53:38 +1300 (NZDT) Received: from quadrio.nederware.nl (quadrio.nederware.nl [127.0.0.1]) by quadrio.nederware.nl (Postfix) with ESMTP id F35D84044E50; Tue, 7 Jan 2014 07:53:37 +1300 (NZDT) Date: Tue, 07 Jan 2014 07:53:37 +1300 Message-ID: <877gadc572.wl%berend@pobox.com> From: Berend de Boer To: Gleb Smirnoff Subject: Re: Network severely unstable 10.0-PRERELEASE In-Reply-To: <20140101214952.GH71033@glebius.int.ru> References: <87sitku33x.wl%berend@pobox.com> <20131225132752.GK71033@FreeBSD.org> <877gasu3oa.wl%berend@pobox.com> <20131226153155.GS71033@glebius.int.ru> <87ob3zcavs.wl%berend@pobox.com> <20131230191327.GC71033@glebius.int.ru> <87a9ffcy2i.wl%berend@pobox.com> <20140101214952.GH71033@glebius.int.ru> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL/10.8 EasyPG/1.0.0 Emacs/24.3 (i686-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) Organization: Xplain Technology Ltd MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: multipart/signed; boundary="pgp-sign-Multipart_Tue_Jan__7_07:53:37_2014-1"; micalg=pgp-sha256; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit X-Pobox-Relay-ID: DBBCDF3C-7703-11E3-B444-873F0E5B5709-48001098!a-pb-sasl-quonix.pobox.com Cc: freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jan 2014 18:53:51 -0000 --pgp-sign-Multipart_Tue_Jan__7_07:53:37_2014-1 Content-Type: text/plain; charset=US-ASCII >>>>> "Gleb" == Gleb Smirnoff writes: B> Have been running this without the rule change, to see if it B> doesn't introduce any adverse effects. So far so good. When I'm B> back from holiday (this Saturday), I'll enable the bad keyword. Gleb> Good! Waiting for your feedback. Thanks! Hi Glebius, No problems so far, have been running this for a few days. Please commit! -- All the best, Berend de Boer --pgp-sign-Multipart_Tue_Jan__7_07:53:37_2014-1 Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit Content-Description: OpenPGP Digital Signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) iQIcBAABCAAGBQJSyvuxAAoJEKOfeD48G3g5dzEP/iTsaTgfH5vSPlyUVJx8ZV8K 70Uv8TbDBgYrugzH5RXBnpWI5qMzBj4riTS8os1UeoW9Mw8Us0+w7GHUKZQXfMwO K3SCVxPQSn17YZ2diwn+HMGTI9cyYGTCYPSEJWyPP5Uf/t9LbMYNnsSp4w/z/qku xdveoEpOut2d5BiKuurVgs57ieWUY4+agN0Gr0PTv8+ZSrxAqY/qFtnPngloddd9 qrTMqxn51x7rBeK3ycbMlkqsIYInu2kVyH9y6NeZz0RXCksYanMd//4ubeRpXGzX BF9VO/89d4rVcoPY2Ctu3+CqornjRDfDog8UH6C74u16v6m/j+8Lu9prs9oaGyDj 3kPVTTQb7DESTC8qh2pG350+7tgnqzaTD87SxBgoX0LgXKj0cD3c38lEAvbHTRBd che3Rb9ZkQ8GO5mzM34hSlqH1835OQWZxG+tdXhzt+0ntZ6ClrKG7mP2cN6CoUDK xxUiHjgaOc6NfOkD01ii5QRNKij0mzGnJS+o+IZaIX1RGcY2/TKbA0FKxfaw+ji1 0mEiouvywrhHZdFZ4WBP8XsPvgfioAIll/E5iPqRA5BFwXjIhyuUEhGGaQzAsAF8 En3xGFps7DRSs0x6011eckBxikJ5jRR6P3XlqTYhEuRrRSI47ZFU6ls/iCgPlSbC Cn/USUgPUB12NRYE3XuS =Tfog -----END PGP SIGNATURE----- --pgp-sign-Multipart_Tue_Jan__7_07:53:37_2014-1-- From owner-freebsd-pf@FreeBSD.ORG Mon Jan 6 19:08:35 2014 Return-Path: Delivered-To: freebsd-pf@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 65752EAF; Mon, 6 Jan 2014 19:08:35 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 385051120; Mon, 6 Jan 2014 19:08:35 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id s06J8ZeB060141; Mon, 6 Jan 2014 19:08:35 GMT (envelope-from glebius@freefall.freebsd.org) Received: (from glebius@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id s06J8Ywc060140; Mon, 6 Jan 2014 19:08:34 GMT (envelope-from glebius) Date: Mon, 6 Jan 2014 19:08:34 GMT Message-Id: <201401061908.s06J8Ywc060140@freefall.freebsd.org> To: eksffa@freebsdbrasil.com.br, glebius@FreeBSD.org, freebsd-pf@FreeBSD.org, glebius@FreeBSD.org From: glebius@FreeBSD.org Subject: Re: kern/173659: [pf] PF fatal trap on 9.1 (taskq fatal trap on pf_test_rule) X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jan 2014 19:08:35 -0000 Synopsis: [pf] PF fatal trap on 9.1 (taskq fatal trap on pf_test_rule) State-Changed-From-To: open->closed State-Changed-By: glebius State-Changed-When: Mon Jan 6 19:08:00 UTC 2014 State-Changed-Why: This looks like duplicate of 182141, which was just moved to "patched" state. Responsible-Changed-From-To: freebsd-pf->glebius Responsible-Changed-By: glebius Responsible-Changed-When: Mon Jan 6 19:08:00 UTC 2014 Responsible-Changed-Why: This looks like duplicate of 182141, which was just moved to "patched" state. http://www.freebsd.org/cgi/query-pr.cgi?pr=173659 From owner-freebsd-pf@FreeBSD.ORG Wed Jan 8 08:29:35 2014 Return-Path: Delivered-To: pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 67F4F7B5 for ; Wed, 8 Jan 2014 08:29:35 +0000 (UTC) Received: from m12-12.163.com (m12-12.163.com [220.181.12.12]) by mx1.freebsd.org (Postfix) with ESMTP id 554501E3C for ; Wed, 8 Jan 2014 08:29:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=163.com; s=s110527; h=Message-ID:Date:Mime-Version:From:Subject; bh=ANsxE lmqfWB2Fu7/gfO/TLL+LTSoeP8wSxM0/kkYfoE=; b=h268WjWxeF9uuTac1TjYX jJCQNKi+IO5wnLvfJDj92ko61/j6ShHZX2urgEtpEkDy244PvnXKtY3/Z6RlJoiv s3PXCavxZmsalaV+owrxmfAybmyGlvvDs24J8/zes06TAP9ocrjACT/tcFeSXP+d x6h4TdF9Ng9lT8zMDmeSEs= Received: from 2011-20121108SO (unknown [171.105.67.253]) by smtp8 (Coremail) with SMTP id DMCowECZZkVlDM1SQo8rBw--.66S2; Wed, 08 Jan 2014 16:29:25 +0800 (CST) X-Coremail-DSSMTP: 171.105.67.253 Message-ID: Date: Wed, 08 Jan 2014 08:29:26 GMT From: To: Subject: laptop keyboards X-CM-TRANSID: DMCowECZZkVlDM1SQo8rBw--.66S2 X-Coremail-Antispam: 1Uf129KBjvJXoWxXr1rXF18WFyDZw17tw4ktFb_yoWrXw43pF 15CrsYkws7Ka4DJa4Y9w10ka4DXrZ8A3W7Xr4Iq3s2vw4qq3y2kF4Ig3yUtrsFyan2qryY gryDZw1kGrs3X3DanT9S1TB71UUUU-JqnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2 9KBjDUYxBIdaVFxhVjvjDU0xZFpf9x07jsVyxUUUUU= X-Originating-IP: [171.105.67.253] X-CM-SenderInfo: xtld041hlzjkqu6rljoofrz/1tbiUAYN0FEAHBrWHwAAsV MIME-Version: 1.0 Content-Type: text/plain; charset="gb2312" X-Content-Filtered-By: Mailman/MimeDel 2.1.17 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: zhangtingyouxiang@126.com List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jan 2014 08:29:35 -0000 Hi we are coming new laptop keyboards: below are the keyboards,the price 7usd-9usd/pcs DELL E6420 US black DELL Inspiron 14Z-5423 13Z 5323 black US DELL N411Z black with frame RU US HP G7 US AR RU TR UK IT GR black HP MINI210-1000 black RU CF GR HP Dv2000 black LA HP CQ72 FR GR HP CQ320 BR black HP mini5101 black RU HP DV6-1000 CF white black HP 8570 6570 TR PO GR FR TSB A500 P300 black FR IT NE CF CZ JA SP SV black RU TSB P750 blackwith frame SP TSB sat.L600 white TI TSB R845 US TR FR ASUS EPC1015 black LA FR JA CF TR FR LA ASUS K42 black with frameTR white BR white AR asus K52 us ASUS Z96 BR ASUS N45 RU SONY SVE15 black white RU MSI VX600 white US JA W84 black US BR FIT AH530 black white JA TI US CF GTW NV55 IT black LENOVO U410 U310 G470 with frameblackɫRU LENOVO G560 black LA LENOVO S10-2 white FR TR N5110 CF KR lenovo G480 G470 LA RU acer as3810 IT CH GR FR ACER AS9400 white US AR RU FR black ACER AS ONE 751 black TR LG R480 BR white ACER 3810 BLACK UI ACER 532H BLACK BR ACER 5810 BLACK BR UK ASUS X53S BLACK RU UK AR ASUS UX31A BLACK US SP FR ASUS UX31E BLACK US ASUS G60 BLACK RU US ASUS G60 BLACK with frame RU SP ASUS UL30 BLACK US ASUS S200 BLACK UI RU DELL N5110 BLACK US DELL N5010 BLACK GR RU DELL N4010 BLACK LA GR TR DELL N4110 BLACK UK SP BR UI HP G4 G6 BLACK RU US SP HP G4 G6 PINK US HP G6-2000 BLACK RU US HP DV6000 BLACK US TOSHIBA M300 BLACK US TOSHIAB C650 RU US SONY VPC-EE RU ACER 532H D255 D260 D270 WHITE BLACK RU ACER 4736 4738 3810T 4810T 4741 4750 RU ACER 5736 5738 5810T 5552 5551 5741 5736 5738 RU ACER 5516 5517 5541 5732 5532 E725 E525 RU ACER TM5760 6595TG TM6495T RU ASUS G60 K52 N61 G72 G73 UL50 G61 FRAME RU ASUS N50 N53 N73 X61 X66 K53C RU ASUS N50 N53 N73 K53C RU ASUS X53 X54U U53 K53T RU ASUS M51 F7 RU ASUS K55 K55A A55 RU HP CQ70 RU HP MINI 210-1000 -2000 RU SLIVE HP COMPAQ CQ10 MINI 110-3000 RU HP CQ10 MINI 110-3000 RU HP CQ620 625 RU HP 6830S 6830 RU HP 4520 4520S FRAME RU HP MINI 210-1000 SLIVE RU HP C62 CQ62 RU HP DV7-6000 DV7-6100 DV7-6200 FRAME RU HP DV7-7000 WHITOUT FRAME RU HP DM1-3000 FRAME RU HP G4 G6 630 635 430 431 CQ43 CQ57 15R RU SAMSUNG RF510 (Keyboard+Palmrest+Touch PAD+Loudspeaker) RU SAMSUNG QX410 (Keyboard+Palmrest+Touch PAD+Loudspeaker) RU SAMSUNG NP300E4A RU without topcase SAMSUNG NP300E5A NP300V5A RU SAMSUNG NP300E7A RU SAMSUNG RV511 RC510 RV512 without topcase RU AMSUNG R523 R525 R528 R530 R540 R517 R620 R719 RV508 RV510 RU GATEWAY Packard Bell Easynote TM81 GATEWAY ID 15.6"/Packard Bell TM81 TM86 TM87 TM89 TM94 TX86/ silver 5810 NV50A NV51B NV53 NV73A NV59C NV78 NV79 SLIVE RU LENOVO G580 Z580 Z585 FRAME RU LENOVO G570 Z560 G575 Z565 G770 FRAME RU LENOVO Y570 FRAME RU HP DM4-1000/DV5-2000 US CF HP NX6330 US HP NX7300 7400 US HP G4-1000 CF HP DV3-4000 IT SP HP 4510S/4710S CZ HP DV3500/DV3700 SP withbacklight ACER ONE 1810 721 CF ACER 3810T GR TR CF+FR ACER 4710 4320 RU BE DELL N4010 LA FR GR PO IT DELL N5010 LA SP IT GR PO DELL V3300 FR AR TR GR TI UK DELL V3700 US FR AR TI Toshiba is1442 BR CLEVO D900 D27 RU APPLE A1181 JP ACER D525 D725 SAMSUNG NC10 MSI U135 US ASUS 1201 UL20 US ASUS 1015 blackɫUS SAMSUNG R530 RU ACER 2300 US DELL D630 US DELL 1440 US HP CQ61 US UK HP DV7-2000 US HP DV7-4000 with frame HP CQ10 ASUS UL20 ASUS UL20 SAMSUNG N148 TOSHIBA C650 Laptop battery OEM 3/4cell 15usd/pcs original need model to quote OEM 6cell 19usd/pcs original need model to quote OEM 8/9cell 23usd/pcs original need model to quote OEM Laptop adapter 60W 4usd/pcs original 9usd/pcs 90W 6usd/pcs original 11.5usd/pcs laptop fan 4usd/pcs For more model no#,please tell me what you want ,then we will quote to you . Otherwise, we are supply original laptop adapter, laptop battery, motherboard,laptop fan, LED light, CCTV camera and LED/LCD Screen for all size model Should you have any questions, pls do not hesitate to contact me. Best regards Grace zhang +86 13669601454 +86 0775 83647855 [1]http://www.keyboard2013.com Email:zhangtingyouxiang@hotmail.com huaruishop eletronic co.,ltd Q5B136 5F huqiangbei eletronic square futian district shenzhen city guangdong province china References 1. http://www.keyboard2013.com/ From owner-freebsd-pf@FreeBSD.ORG Wed Jan 8 19:49:11 2014 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8ECCDB02; Wed, 8 Jan 2014 19:49:11 +0000 (UTC) Received: from mail-ve0-x230.google.com (mail-ve0-x230.google.com [IPv6:2607:f8b0:400c:c01::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 11AB91AD3; Wed, 8 Jan 2014 19:49:10 +0000 (UTC) Received: by mail-ve0-f176.google.com with SMTP id oz11so1662532veb.35 for ; Wed, 08 Jan 2014 11:49:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=sobz5WEoK2elAWTQEdKgnNWyE8QjD+gF9oJYbrimOyk=; b=KI7fsyl3qjYyJhSCreTAKK4/M0Pdmra6CA3g53TkIrOdkaJP9u/NOR2nkjV8rmLvSp PTNMeJWn+bzPjnbarEhqKm5iOaCtv3xzNi/Uix3cpQF0jtNWcMM7IPGL44VRgSv21gi3 SYo3bH5zGLMpyDs4usehelvpOqVIERHC/M+H4/RO9jZEnkjXDaZarU5KoumMwBBKZE5a d+L/XexgV1JjZ1sIbHqug5OXsfVAntjhTkdLW+9BLv5G03ZQI53MS6s4Sh2ia33q8X+Q 1ZfuBf1KwDFw8KcpedVhUyt8kR8m790cLZFIp9I4D0RRoYfSN1RuwOIodiP89ULTVrBD yncg== X-Received: by 10.58.100.244 with SMTP id fb20mr81721097veb.6.1389210548158; Wed, 08 Jan 2014 11:49:08 -0800 (PST) MIME-Version: 1.0 Sender: cochard@gmail.com Received: by 10.58.171.1 with HTTP; Wed, 8 Jan 2014 11:48:48 -0800 (PST) In-Reply-To: References: From: =?ISO-8859-1?Q?Olivier_Cochard=2DLabb=E9?= Date: Wed, 8 Jan 2014 20:48:48 +0100 X-Google-Sender-Auth: uq22kL-HAUGh96UvpcW3XFIbO9c Message-ID: Subject: Re: pf and fragmented packets To: Rui Paulo Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.17 Cc: freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jan 2014 19:49:11 -0000 On Sat, Dec 28, 2013 at 9:39 AM, Rui Paulo wrote: > > The second problem happens with large UDP packets. If I change the rule > "scrub on $ext_if all fragment reassemble" to "scrub on $ext_if all > reassemble tcp fragment reassemble", I can see the UDP packets going out > correctly translated, but if I send a large UDP packet (> MTU), pf sends > the reassembled packet as a large packet which exceeds the MTU. > Hi, I've reached to reproduce this problem on 10.0-RC5, but only using pf in "transparent mode" (on a bridge) under a Virtualbox lab: VM1 ===== VM2(pf,scrub,bridge) ===== VM3 ** VM2 configuration ** /etc/rc.conf: ifconfig_em1="up" ifconfig_em2="up" pf_enable="yes" cloned_interfaces="bridge0" ifconfig_bridge0="addm em1 addm em2 up" /etc/pf.conf: set skip on lo0 scrub (automatically converted to "scrub all fragment reassemble") pass (automatically converted to "pass all flags S/SA keep state") ** VM1 configuration ** /etc/rc.conf: ifconfig_em1="inet 10.0.23.2/24" ** VM3 configuration ** /etc/rc.conf: ifconfig_em2="inet 10.0.23.4/24" Now, from VM1, I generate fragmented UDP traffic toward VM3 with netblast: netblast 10.0.23.4 9090 1800 1 And I run tcpdump on VM2(firewall) on the ingress interface is correct: 20:44:09.150865 IP (tos 0x0, ttl 64, id 36516, offset 0, flags [+], proto UDP (17), length 1500) 10.0.23.2.15187 > 10.0.23.4.9090: UDP, length 1800 20:44:09.150936 IP (tos 0x0, ttl 64, id 36516, offset 1480, flags [none], proto UDP (17), length 348) 10.0.23.2 > 10.0.23.4: ip-proto-17 But on the egress interface of VM2(firewall) there is a problem: 20:45:26.591384 20:00:40:11:68:be > 45:00:05:dc:aa:4d, ethertype Unknown (0x0a00), length 1500: 0x0000: 1702 0a00 1704 28cf 2382 0710 6373 0000 ......(.#...cs.. 0x0010: 0004 0000 0000 0000 0000 0000 0000 0000 ................ 0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ (etc...) 20:45:26.591403 00:b9:40:11:8c:85 > 45:00:01:5c:aa:4d, ethertype Unknown (0x0a00), length 348: 0x0000: 1702 0a00 1704 0000 0000 0000 0000 0000 ................ 0x0010: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x0030: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x0040: 0000 0000 0000 0000 0000 0000 0000 0000 ................ (etc... Regards, Olivier