From owner-freebsd-pf@FreeBSD.ORG Thu Aug 14 15:08:57 2014 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 171266C3 for ; Thu, 14 Aug 2014 15:08:57 +0000 (UTC) Received: from mail-qa0-x22b.google.com (mail-qa0-x22b.google.com [IPv6:2607:f8b0:400d:c00::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 82806223A for ; Thu, 14 Aug 2014 15:08:54 +0000 (UTC) Received: by mail-qa0-f43.google.com with SMTP id w8so1076990qac.30 for ; Thu, 14 Aug 2014 08:08:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=CI+9Tu+uY4gmyxLICb2j9Y0icRR7dxqZoiAOgk98uoo=; b=MUwvo32fzgMtkAlVgc5claGG3ykgOsgKV9qqPmrkH3L5d6PvHvvPY2j9xn4AcAmRZ4 IJnkazJXN+uwjZpYI1Rz3V1wPIP4ChqQn26Zd3DQgMH8BSWMlBE+X5mc87F2qT8Klzkf n1KcdM6fLFU+SU6P52itCPAIPZM8QIAQE9wOwbDxT5AR3iQHITGbac15fvMbu4Bj1/d1 ZxZp20DlxPEDgRPtMu5BvBgw77ph4+TPRrqPSehPgve2hiOYAMlxSEBUESmys6ygWqV9 i963DfsHZRqC9xdmMs6qJo1MmFu0rUM3bCy4NhXMLpD4OgirqV8tCarJ+KOHONlpSdWd 6+sA== MIME-Version: 1.0 X-Received: by 10.140.25.11 with SMTP id 11mr2955394qgs.9.1408028892011; Thu, 14 Aug 2014 08:08:12 -0700 (PDT) Received: by 10.229.4.197 with HTTP; Thu, 14 Aug 2014 08:08:11 -0700 (PDT) Date: Thu, 14 Aug 2014 11:08:11 -0400 Message-ID: Subject: pf and Lenovo USB 2.0 Ethernet Adapter From: Aaron Wright To: freebsd-pf@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2014 15:08:57 -0000 Hello, I apologize if this isn't the best mailing list to bring this problem to, please direct me to a more appropriate one if needed. I'll try to keep this simple. I have a Lenovo T400 laptop that has an on board Ethernet jack that is detected as em0. I have added a Lenovo USB 2.0 Ethernet Adapter that is on the hardware compatibility list, it is detected as ue0. I installed FreeBSD 10.0-RELEASE on this laptop a couple of weeks ago. For troubleshooting purposes, my pf.conf file has one line, "pass all". Everything works correctly with the em0 interface when pf is enabled. I can ping the laptop, and I can connect to it using ssh The ue0 interface is the problem. I can ping it when pf is enabled, but I cannot ssh into it. If I disable pf, then I can successfully ssh into it. I'm using the same rule set for both interfaces. I don't know what's going on here. Could someone shed some light on this problem for me? Thanks, Aaron From owner-freebsd-pf@FreeBSD.ORG Fri Aug 15 04:36:07 2014 Return-Path: Delivered-To: freebsd-pf@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A1852457 for ; Fri, 15 Aug 2014 04:36:07 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 88DD52145 for ; Fri, 15 Aug 2014 04:36:07 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s7F4a7RN001772 for ; Fri, 15 Aug 2014 04:36:07 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-pf@FreeBSD.org Subject: [Bug 127920] [pf] ipv6 and synproxy don't play well together Date: Fri, 15 Aug 2014 04:36:06 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 7.1-PRERELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: glebius@FreeBSD.org X-Bugzilla-Status: Needs MFC X-Bugzilla-Priority: Normal X-Bugzilla-Assigned-To: glebius@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_status cc assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Aug 2014 04:36:07 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=127920 Gleb Smirnoff changed: What |Removed |Added ---------------------------------------------------------------------------- Status|In Discussion |Needs MFC CC| |glebius@FreeBSD.org Assignee|freebsd-pf@FreeBSD.org |glebius@FreeBSD.org -- You are receiving this mail because: You are the assignee for the bug. From owner-freebsd-pf@FreeBSD.ORG Sat Aug 16 10:54:11 2014 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 26D9B4BC for ; Sat, 16 Aug 2014 10:54:11 +0000 (UTC) Received: from skapet.bsdly.net (cl-426.sto-01.se.sixxs.net [IPv6:2001:16d8:ff00:1a9::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B83CC2C65 for ; Sat, 16 Aug 2014 10:54:10 +0000 (UTC) Received: from [192.168.103.72] (helo=elke.bsdly.net) by skapet.bsdly.net with esmtp (Exim 4.83) (envelope-from ) id 1XIbcW-0002ps-GH; Sat, 16 Aug 2014 12:54:05 +0200 To: freebsd-pf@freebsd.org Subject: Re: pf and Lenovo USB 2.0 Ethernet Adapter References: From: peter@bsdly.net (Peter N. M. Hansteen) Date: 16 Aug 2014 12:53:53 +0200 In-Reply-To: Message-ID: <87iolsk8n2.fsf@elke.bsdly.net> Lines: 27 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Aug 2014 10:54:11 -0000 Aaron Wright writes: > For troubleshooting purposes, my pf.conf file has one line, "pass all". > > Everything works correctly with the em0 interface when pf is enabled. I > can ping the laptop, and I can connect to it using ssh > > The ue0 interface is the problem. I can ping it when pf is enabled, but I > cannot ssh into it. If I disable pf, then I can successfully ssh into it. > I'm using the same rule set for both interfaces. I don't know what's > going on here. Just to do away with the obvious - what does pfctl -sr output, with and without ue0 plugged in? - what does ifconfig -a output, with and without ue0 plugged in? plus, what's the network topology? Is the box you're ssh-ing in from in the directly connected network for either of the interfaces? -Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.