From owner-freebsd-pf@freebsd.org  Wed Mar  2 13:49:13 2016
Return-Path: <owner-freebsd-pf@freebsd.org>
Delivered-To: freebsd-pf@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id D8F7AABF8D4
 for <freebsd-pf@mailman.ysv.freebsd.org>; Wed,  2 Mar 2016 13:49:13 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id CB08B1183
 for <freebsd-pf@FreeBSD.org>; Wed,  2 Mar 2016 13:49:13 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from bugs.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id u22DnDMa044525
 for <freebsd-pf@FreeBSD.org>; Wed, 2 Mar 2016 13:49:13 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
From: bugzilla-noreply@freebsd.org
To: freebsd-pf@FreeBSD.org
Subject: [Bug 207598] pf adds icmp unreach on gre/ipsec somehow
Date: Wed, 02 Mar 2016 13:49:14 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 10.2-STABLE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: ae@FreeBSD.org
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: freebsd-pf@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: assigned_to cc
Message-ID: <bug-207598-17777-zSBAz3zFrZ@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-207598-17777@https.bugs.freebsd.org/bugzilla/>
References: <bug-207598-17777@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Mar 2016 13:49:13 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D207598

Andrey V. Elsukov <ae@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|freebsd-bugs@FreeBSD.org    |freebsd-pf@FreeBSD.org
                 CC|                            |ae@FreeBSD.org

--=20
You are receiving this mail because:
You are the assignee for the bug.=

From owner-freebsd-pf@freebsd.org  Fri Mar  4 02:58:53 2016
Return-Path: <owner-freebsd-pf@freebsd.org>
Delivered-To: freebsd-pf@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 03F58A9312E
 for <freebsd-pf@mailman.ysv.freebsd.org>; Fri,  4 Mar 2016 02:58:53 +0000 (UTC)
 (envelope-from list_freebsd@bluerosetech.com)
Received: from delta.brtsvcs.net (delta.brtsvcs.net
 [IPv6:2001:19f0:6000:8e75:5400:ff:fe14:fb98])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id E8C8819E
 for <freebsd-pf@freebsd.org>; Fri,  4 Mar 2016 02:58:52 +0000 (UTC)
 (envelope-from list_freebsd@bluerosetech.com)
Received: from chombo.houseloki.net (unknown
 [IPv6:2001:558:6025:4b:757f:4f8f:4dc0:401e])
 by delta.brtsvcs.net (Postfix) with ESMTPS id 057004E238
 for <freebsd-pf@freebsd.org>; Fri,  4 Mar 2016 02:58:46 +0000 (UTC)
Received: from [IPv6:2601:1c2:d00:3e10:baca:3aff:fe83:bd29] (unknown
 [IPv6:2601:1c2:d00:3e10:baca:3aff:fe83:bd29])
 by chombo.houseloki.net (Postfix) with ESMTPSA id 117731F31
 for <freebsd-pf@freebsd.org>; Thu,  3 Mar 2016 18:58:41 -0800 (PST)
To: freebsd-pf@freebsd.org
From: Melissa Pilgrim <list_freebsd@bluerosetech.com>
Subject: IPv6 fragments in 10.2
Message-ID: <56D8F9E1.9060808@bluerosetech.com>
Date: Thu, 3 Mar 2016 18:58:41 -0800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.6.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Mar 2016 02:58:53 -0000

Now that pf in 10.2 supports IPv6 fragments, how do you configure pf to 
allow them?  I'm still seeing UDP PMTU breakage specifically with 
FreeBSD and pf related to the packet filter not passing fragments.  The 
basic "fragment reassemble" scrub rule doesn't seem to be sufficient. 
The man page was not updated with the commit, and I'm not having any 
luck with web searches.

From owner-freebsd-pf@freebsd.org  Fri Mar  4 07:33:05 2016
Return-Path: <owner-freebsd-pf@freebsd.org>
Delivered-To: freebsd-pf@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 961E09DA362
 for <freebsd-pf@mailman.ysv.freebsd.org>; Fri,  4 Mar 2016 07:33:05 +0000 (UTC)
 (envelope-from kp@FreeBSD.org)
Received: from venus.codepro.be (venus.codepro.be [IPv6:2a01:4f8:162:1127::2])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
 bits))
 (Client CN "*.codepro.be", Issuer "Gandi Standard SSL CA 2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 661EA397
 for <freebsd-pf@freebsd.org>; Fri,  4 Mar 2016 07:33:05 +0000 (UTC)
 (envelope-from kp@FreeBSD.org)
Received: from [IPv6:2a02:1811:2419:4e02:9112:8f26:91ea:d4ff] (unknown
 [IPv6:2a02:1811:2419:4e02:9112:8f26:91ea:d4ff])
 by venus.codepro.be (Postfix) with ESMTPSA id 89C93192BC;
 Fri,  4 Mar 2016 08:33:01 +0100 (CET)
Subject: Re: IPv6 fragments in 10.2
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
Content-Type: text/plain; charset=utf-8
From: Kristof Provost <kp@FreeBSD.org>
X-Checked-By-Nsa: Probably
In-Reply-To: <56D8F9E1.9060808@bluerosetech.com>
Date: Fri, 4 Mar 2016 08:33:03 +0100
Cc: freebsd-pf@freebsd.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <9F4AE691-7D6C-4FC4-9FCA-AA16F9AE9263@FreeBSD.org>
References: <56D8F9E1.9060808@bluerosetech.com>
To: Melissa Pilgrim <list_freebsd@bluerosetech.com>
X-Mailer: Apple Mail (2.3124)
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Mar 2016 07:33:05 -0000


> On 04 Mar 2016, at 03:58, Melissa Pilgrim =
<list_freebsd@bluerosetech.com> wrote:
>=20
> Now that pf in 10.2 supports IPv6 fragments, how do you configure pf =
to allow them?  I'm still seeing UDP PMTU breakage specifically with =
FreeBSD and pf related to the packet filter not passing fragments.  The =
basic "fragment reassemble" scrub rule doesn't seem to be sufficient. =
The man page was not updated with the commit, and I'm not having any =
luck with web searches.

The =E2=80=98scrub all fragment reassemble=E2=80=99 rule should be =
sufficient.

Can you post your pf.conf and a network capture demonstrating the =
problem?

Thanks,
Kristof


From owner-freebsd-pf@freebsd.org  Sat Mar  5 18:39:30 2016
Return-Path: <owner-freebsd-pf@freebsd.org>
Delivered-To: freebsd-pf@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1DD32A0AE8D
 for <freebsd-pf@mailman.ysv.freebsd.org>; Sat,  5 Mar 2016 18:39:30 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 0F80FBD9
 for <freebsd-pf@FreeBSD.org>; Sat,  5 Mar 2016 18:39:30 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from bugs.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id u25IdTip019831
 for <freebsd-pf@FreeBSD.org>; Sat, 5 Mar 2016 18:39:29 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
From: bugzilla-noreply@freebsd.org
To: freebsd-pf@FreeBSD.org
Subject: [Bug 201519] pf NAT translates ICMP type 3 packects incorrectly
Date: Sat, 05 Mar 2016 18:39:29 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: bin
X-Bugzilla-Version: 9.3-RELEASE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: kredaxx@gmail.com
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: freebsd-pf@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-201519-17777-y37lyrD2lm@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-201519-17777@https.bugs.freebsd.org/bugzilla/>
References: <bug-201519-17777@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Mar 2016 18:39:30 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D201519

kredaxx@gmail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kredaxx@gmail.com

--- Comment #1 from kredaxx@gmail.com ---
I have the exact same problem on:

FreeBSD r1 10.2-RELEASE-p5 FreeBSD 10.2-RELEASE-p5 #0: Sun Oct 11 14:19:57 =
CEST
2015

--=20
You are receiving this mail because:
You are the assignee for the bug.=