From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 06:05:26 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EE1C11065672; Mon, 6 Jun 2011 06:05:26 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id C5F448FC0C; Mon, 6 Jun 2011 06:05:26 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p5665QTH027157; Mon, 6 Jun 2011 06:05:26 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p5665Qu0027153; Mon, 6 Jun 2011 06:05:26 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 06:05:26 GMT Message-Id: <201106060605.p5665Qu0027153@freefall.freebsd.org> To: barney@pit.databus.com, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/74104: [ipfw] ipfw2/1 conflict not detected or reported, manpage unclear X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 06:05:27 -0000 Synopsis: [ipfw] ipfw2/1 conflict not detected or reported, manpage unclear State-Changed-From-To: open->closed State-Changed-By: ae State-Changed-When: Mon Jun 6 06:05:01 UTC 2011 State-Changed-Why: We are sorry, but 4.x releases are not supported. http://www.freebsd.org/cgi/query-pr.cgi?pr=74104 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 06:20:09 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0F06F1065675 for ; Mon, 6 Jun 2011 06:20:09 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id D96E48FC0C for ; Mon, 6 Jun 2011 06:20:08 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p566K8HH037330 for ; Mon, 6 Jun 2011 06:20:08 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p566K855037329; Mon, 6 Jun 2011 06:20:08 GMT (envelope-from gnats) Date: Mon, 6 Jun 2011 06:20:08 GMT Message-Id: <201106060620.p566K855037329@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: "Andrey V. Elsukov" Cc: Subject: Re: kern/157379: [ipfw] mtr does not work if I use ipfw nat X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: "Andrey V. Elsukov" List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 06:20:09 -0000 The following reply was made to PR kern/157379; it has been noted by GNATS. From: "Andrey V. Elsukov" To: bug-followup@FreeBSD.org, kes-kes@yandex.ru Cc: Subject: Re: kern/157379: [ipfw] mtr does not work if I use ipfw nat Date: Mon, 06 Jun 2011 09:51:09 +0400 Hi, Can you test this patch? http://people.freebsd.org/~ae/ipfw_nat.diff -- WBR, Andrey V. Elsukov From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 06:38:00 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 12364106564A; Mon, 6 Jun 2011 06:38:00 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id DE2D08FC08; Mon, 6 Jun 2011 06:37:59 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p566bxiA056037; Mon, 6 Jun 2011 06:37:59 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p566bxrN056033; Mon, 6 Jun 2011 06:37:59 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 06:37:59 GMT Message-Id: <201106060637.p566bxrN056033@freefall.freebsd.org> To: jylefort@FreeBSD.org, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/88659: [modules] ipfw and ip6fw do not work properly as modules X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 06:38:00 -0000 Synopsis: [modules] ipfw and ip6fw do not work properly as modules State-Changed-From-To: open->closed State-Changed-By: ae State-Changed-When: Mon Jun 6 06:35:47 UTC 2011 State-Changed-Why: ipfw and ip6fw were combined into one module. http://www.freebsd.org/cgi/query-pr.cgi?pr=88659 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 06:40:08 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 112C6106566C; Mon, 6 Jun 2011 06:40:02 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 4CD3B8FC16; Mon, 6 Jun 2011 06:40:02 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p566e29W056397; Mon, 6 Jun 2011 06:40:02 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p566e1TJ056392; Mon, 6 Jun 2011 06:40:01 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 06:40:01 GMT Message-Id: <201106060640.p566e1TJ056392@freefall.freebsd.org> To: yar@mail.zp.ua, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/93300: [ipfw] ipfw pipe lost packets X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 06:40:08 -0000 Synopsis: [ipfw] ipfw pipe lost packets State-Changed-From-To: open->feedback State-Changed-By: ae State-Changed-When: Mon Jun 6 06:39:45 UTC 2011 State-Changed-Why: Can you still reproduce this on a supported release? http://www.freebsd.org/cgi/query-pr.cgi?pr=93300 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 06:42:56 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 186EB106566C; Mon, 6 Jun 2011 06:42:56 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id E4ED28FC0C; Mon, 6 Jun 2011 06:42:55 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p566gttl064698; Mon, 6 Jun 2011 06:42:55 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p566gtNY064693; Mon, 6 Jun 2011 06:42:55 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 06:42:55 GMT Message-Id: <201106060642.p566gtNY064693@freefall.freebsd.org> To: kaeptn@schmalzbauer.de, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/98831: [ipfw] ipfw has UDP hickups X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 06:42:56 -0000 Synopsis: [ipfw] ipfw has UDP hickups State-Changed-From-To: open->feedback State-Changed-By: ae State-Changed-When: Mon Jun 6 06:42:34 UTC 2011 State-Changed-Why: Can you still reproduce this on a supported release? http://www.freebsd.org/cgi/query-pr.cgi?pr=98831 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 06:59:07 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E9C951065672; Mon, 6 Jun 2011 06:59:07 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id C24FE8FC13; Mon, 6 Jun 2011 06:59:07 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p566x794076683; Mon, 6 Jun 2011 06:59:07 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p566x7DV076679; Mon, 6 Jun 2011 06:59:07 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 06:59:07 GMT Message-Id: <201106060659.p566x7DV076679@freefall.freebsd.org> To: kes-kes@yandex.ru, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/129093: [ipfw] ipfw nat must not drop packets X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 06:59:08 -0000 Synopsis: [ipfw] ipfw nat must not drop packets State-Changed-From-To: open->feedback State-Changed-By: ae State-Changed-When: Mon Jun 6 06:57:40 UTC 2011 State-Changed-Why: This seems to be a duplicate of kern/157379. Can you confirm that proposed patch fixes this issue? http://www.freebsd.org/cgi/query-pr.cgi?pr=129093 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 06:59:40 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E08611065672; Mon, 6 Jun 2011 06:59:40 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id B7E938FC13; Mon, 6 Jun 2011 06:59:40 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p566xe9V076738; Mon, 6 Jun 2011 06:59:40 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p566xeE9076734; Mon, 6 Jun 2011 06:59:40 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 06:59:40 GMT Message-Id: <201106060659.p566xeE9076734@freefall.freebsd.org> To: kes-kes@yandex.ru, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/157379: [ipfw] mtr does not work if I use ipfw nat X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 06:59:41 -0000 Synopsis: [ipfw] mtr does not work if I use ipfw nat State-Changed-From-To: open->feedback State-Changed-By: ae State-Changed-When: Mon Jun 6 06:59:19 UTC 2011 State-Changed-Why: Feedback requested. http://www.freebsd.org/cgi/query-pr.cgi?pr=157379 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 07:01:23 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F0CF41065672; Mon, 6 Jun 2011 07:01:23 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id C8F478FC0A; Mon, 6 Jun 2011 07:01:23 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p5671NYE080938; Mon, 6 Jun 2011 07:01:23 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p5671MYd080792; Mon, 6 Jun 2011 07:01:22 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 07:01:22 GMT Message-Id: <201106060701.p5671MYd080792@freefall.freebsd.org> To: m.dyadchenko@211.ru, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/122109: [ipfw] ipfw nat traceroute problem X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 07:01:24 -0000 Synopsis: [ipfw] ipfw nat traceroute problem State-Changed-From-To: open->feedback State-Changed-By: ae State-Changed-When: Mon Jun 6 07:00:37 UTC 2011 State-Changed-Why: Can you test this patch? http://people.freebsd.org/~ae/ipfw_nat.diff http://www.freebsd.org/cgi/query-pr.cgi?pr=122109 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 07:09:45 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EB5FB106566C; Mon, 6 Jun 2011 07:09:45 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id C21258FC13; Mon, 6 Jun 2011 07:09:45 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p5679jEe085766; Mon, 6 Jun 2011 07:09:45 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p5679jPN085762; Mon, 6 Jun 2011 07:09:45 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 07:09:45 GMT Message-Id: <201106060709.p5679jPN085762@freefall.freebsd.org> To: umike@kaluga.net, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: bin/130132: [patch] ipfw(8): no way to get mask from ipfw pipe show/list for some pipes X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 07:09:46 -0000 Synopsis: [patch] ipfw(8): no way to get mask from ipfw pipe show/list for some pipes State-Changed-From-To: open->feedback State-Changed-By: ae State-Changed-When: Mon Jun 6 07:08:50 UTC 2011 State-Changed-Why: Can you still reproduce this on a supported release? It seems the problem is already fixed. http://www.freebsd.org/cgi/query-pr.cgi?pr=130132 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 07:15:09 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A73F8106567B; Mon, 6 Jun 2011 07:15:09 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 7FB2A8FC0C; Mon, 6 Jun 2011 07:15:09 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p567F9W4096682; Mon, 6 Jun 2011 07:15:09 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p567F9O7096677; Mon, 6 Jun 2011 07:15:09 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 07:15:09 GMT Message-Id: <201106060715.p567F9O7096677@freefall.freebsd.org> To: freebsd@alexus.org, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/139581: [ipfw] "ipfw pipe" not limiting bandwidth X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 07:15:09 -0000 Synopsis: [ipfw] "ipfw pipe" not limiting bandwidth State-Changed-From-To: open->closed State-Changed-By: ae State-Changed-When: Mon Jun 6 07:12:25 UTC 2011 State-Changed-Why: Seems like a problem in the incorrect usage. http://www.freebsd.org/cgi/query-pr.cgi?pr=139581 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 07:18:10 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 492E21065674; Mon, 6 Jun 2011 07:18:10 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 2102B8FC16; Mon, 6 Jun 2011 07:18:10 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p567IAfJ097145; Mon, 6 Jun 2011 07:18:10 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p567I9F8097141; Mon, 6 Jun 2011 07:18:09 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 07:18:09 GMT Message-Id: <201106060718.p567I9F8097141@freefall.freebsd.org> To: av@holymail.biz, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/150798: [ipfw] ipfw2 fwd rule matches packets but does not do the job in fact. X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 07:18:10 -0000 Synopsis: [ipfw] ipfw2 fwd rule matches packets but does not do the job in fact. State-Changed-From-To: open->patched State-Changed-By: ae State-Changed-When: Mon Jun 6 07:17:50 UTC 2011 State-Changed-Why: Patched in head/. http://www.freebsd.org/cgi/query-pr.cgi?pr=150798 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 07:21:43 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6EA24106566B; Mon, 6 Jun 2011 07:21:43 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 459538FC12; Mon, 6 Jun 2011 07:21:43 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p567LhPg004894; Mon, 6 Jun 2011 07:21:43 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p567LhGt004890; Mon, 6 Jun 2011 07:21:43 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 07:21:43 GMT Message-Id: <201106060721.p567LhGt004890@freefall.freebsd.org> To: chris@smartt.com, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/139226: [ipfw] install_state: entry already present, done X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 07:21:43 -0000 Synopsis: [ipfw] install_state: entry already present, done State-Changed-From-To: open->patched State-Changed-By: ae State-Changed-When: Mon Jun 6 07:20:35 UTC 2011 State-Changed-Why: Patched in head/ with r222559. http://www.freebsd.org/cgi/query-pr.cgi?pr=139226 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 07:24:10 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A4BD6106566C; Mon, 6 Jun 2011 07:24:10 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 7CA4D8FC18; Mon, 6 Jun 2011 07:24:10 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p567OAaW005697; Mon, 6 Jun 2011 07:24:10 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p567O9Ng005693; Mon, 6 Jun 2011 07:24:09 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 07:24:09 GMT Message-Id: <201106060724.p567O9Ng005693@freefall.freebsd.org> To: nicolas-2009@rachinsky.de, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/136695: [ipfw] [patch] fwd reached after skipto in dynamic rules does not work in every case X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 07:24:10 -0000 Synopsis: [ipfw] [patch] fwd reached after skipto in dynamic rules does not work in every case State-Changed-From-To: open->patched State-Changed-By: ae State-Changed-When: Mon Jun 6 07:23:31 UTC 2011 State-Changed-Why: Patched in head/ with r222582. http://www.freebsd.org/cgi/query-pr.cgi?pr=136695 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 07:31:23 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EDB1C106566C; Mon, 6 Jun 2011 07:31:23 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id C5B238FC13; Mon, 6 Jun 2011 07:31:23 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p567VNO7024397; Mon, 6 Jun 2011 07:31:23 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p567VNdF024388; Mon, 6 Jun 2011 07:31:23 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 07:31:23 GMT Message-Id: <201106060731.p567VNdF024388@freefall.freebsd.org> To: bu7cher@yandex.ru, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/87032: [ipfw] [patch] ipfw ioctl interface implementation X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 07:31:24 -0000 Synopsis: [ipfw] [patch] ipfw ioctl interface implementation State-Changed-From-To: open->closed State-Changed-By: ae State-Changed-When: Mon Jun 6 07:30:58 UTC 2011 State-Changed-Why: Close my PR. http://www.freebsd.org/cgi/query-pr.cgi?pr=87032 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 08:04:24 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8B7F21065673; Mon, 6 Jun 2011 08:04:24 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 631438FC19; Mon, 6 Jun 2011 08:04:24 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p5684O55062932; Mon, 6 Jun 2011 08:04:24 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p5684NPA062926; Mon, 6 Jun 2011 08:04:23 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 08:04:23 GMT Message-Id: <201106060804.p5684NPA062926@freefall.freebsd.org> To: kuznec@hcn-strela.ru, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/105330: [ipfw] [patch] ipfw (dummynet) does not allow to set queue length > 100 packets X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 08:04:24 -0000 Synopsis: [ipfw] [patch] ipfw (dummynet) does not allow to set queue length > 100 packets State-Changed-From-To: open->closed State-Changed-By: ae State-Changed-When: Mon Jun 6 08:03:30 UTC 2011 State-Changed-Why: The sysctl(8) variables net.inet.ip.dummynet.pipe_byte_limit and net.inet.ip.dummynet.pipe_slot_limit control the maximum lengths that can be specified. http://www.freebsd.org/cgi/query-pr.cgi?pr=105330 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 08:58:38 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 40707106566B; Mon, 6 Jun 2011 08:58:38 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 18BBB8FC08; Mon, 6 Jun 2011 08:58:38 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p568wbHj013971; Mon, 6 Jun 2011 08:58:37 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p568wb8G013966; Mon, 6 Jun 2011 08:58:37 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 08:58:37 GMT Message-Id: <201106060858.p568wb8G013966@freefall.freebsd.org> To: myz@csu.ru, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/112561: [ipfw] ipfw fwd does not work with some TCP packets X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 08:58:38 -0000 Synopsis: [ipfw] ipfw fwd does not work with some TCP packets State-Changed-From-To: open->feedback State-Changed-By: ae State-Changed-When: Mon Jun 6 08:53:08 UTC 2011 State-Changed-Why: Can you show your rules? Do you have dynamic rules? http://www.freebsd.org/cgi/query-pr.cgi?pr=112561 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 10:53:17 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4C8F71065678; Mon, 6 Jun 2011 10:53:17 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 254668FC17; Mon, 6 Jun 2011 10:53:17 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p56ArH71027749; Mon, 6 Jun 2011 10:53:17 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p56ArHGn027745; Mon, 6 Jun 2011 10:53:17 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 10:53:17 GMT Message-Id: <201106061053.p56ArHGn027745@freefall.freebsd.org> To: sem@FreeBSD.org, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: bin/125370: [ipfw] [patch] increase a line buffer limit X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 10:53:17 -0000 Synopsis: [ipfw] [patch] increase a line buffer limit State-Changed-From-To: open->patched State-Changed-By: ae State-Changed-When: Mon Jun 6 10:52:50 UTC 2011 State-Changed-Why: Patched in head/. Thanks! http://www.freebsd.org/cgi/query-pr.cgi?pr=125370 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 11:00:23 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C2FB1106567C for ; Mon, 6 Jun 2011 11:00:23 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id B32858FC0A for ; Mon, 6 Jun 2011 11:00:23 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p56B0NsP027977 for ; Mon, 6 Jun 2011 11:00:23 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p56B0Njg027976; Mon, 6 Jun 2011 11:00:23 GMT (envelope-from gnats) Date: Mon, 6 Jun 2011 11:00:23 GMT Message-Id: <201106061100.p56B0Njg027976@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: bin/125370: commit references a PR X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 11:00:23 -0000 The following reply was made to PR bin/125370; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: bin/125370: commit references a PR Date: Mon, 6 Jun 2011 10:52:40 +0000 (UTC) Author: ae Date: Mon Jun 6 10:52:26 2011 New Revision: 222744 URL: http://svn.freebsd.org/changeset/base/222744 Log: Increase buffer size for the command line. PR: bin/125370 Submitted by: sem MFC after: 2 weeks Modified: head/sbin/ipfw/main.c Modified: head/sbin/ipfw/main.c ============================================================================== --- head/sbin/ipfw/main.c Mon Jun 6 10:51:00 2011 (r222743) +++ head/sbin/ipfw/main.c Mon Jun 6 10:52:26 2011 (r222744) @@ -444,7 +444,7 @@ static void ipfw_readfile(int ac, char *av[]) { #define MAX_ARGS 32 - char buf[BUFSIZ]; + char buf[4096]; char *progname = av[0]; /* original program name */ const char *cmd = NULL; /* preprocessor name, if any */ const char *filename = av[ac-1]; /* file to read */ @@ -552,7 +552,7 @@ ipfw_readfile(int ac, char *av[]) } } - while (fgets(buf, BUFSIZ, f)) { /* read commands */ + while (fgets(buf, sizeof(buf), f)) { /* read commands */ char linename[20]; char *args[2]; _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 11:07:07 2011 Return-Path: Delivered-To: freebsd-ipfw@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DC1161065691 for ; Mon, 6 Jun 2011 11:07:07 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id BF7758FC15 for ; Mon, 6 Jun 2011 11:07:07 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p56B77fj037652 for ; Mon, 6 Jun 2011 11:07:07 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p56B77KU037650 for freebsd-ipfw@FreeBSD.org; Mon, 6 Jun 2011 11:07:07 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 6 Jun 2011 11:07:07 GMT Message-Id: <201106061107.p56B77KU037650@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-ipfw@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-ipfw@FreeBSD.org X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 11:07:07 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- f kern/157379 ipfw [ipfw] mtr does not work if I use ipfw nat o kern/157239 ipfw [ipfw] [dummynet] ipfw + dummynet corrupts ipv6 packet o kern/156770 ipfw [ipfw] [dummynet] [patch]: performance improvement and o bin/156653 ipfw ipfw(8) reports missing file as parameter problem p kern/156410 ipfw [patch][ipfw] tablearg option for ipfw setfib o kern/155927 ipfw [ipfw] ipfw stops to check packets for compliance with o bin/153252 ipfw [ipfw][patch] ipfw lockdown system in subsequent call o kern/153161 ipfw IPFIREWALL does not allow specify rules with ICMP code o kern/152113 ipfw [ipfw] page fault on 8.1-RELEASE caused by certain amo p kern/150798 ipfw [ipfw] ipfw2 fwd rule matches packets but does not do o kern/148827 ipfw [ipfw] divert broken with in-kernel ipfw o kern/148689 ipfw [ipfw] antispoof wrongly triggers on link local IPv6 a o kern/148430 ipfw [ipfw] IPFW schedule delete broken. f kern/148157 ipfw [ipfw] IPFW in kernel nat BUG found in FreeBSD 8.1-PRE o kern/148091 ipfw [ipfw] ipfw ipv6 handling broken. o kern/147720 ipfw [ipfw] ipfw dynamic rules and fwd o kern/145305 ipfw [ipfw] ipfw problems, panics, data corruption, ipv6 so o kern/144269 ipfw [ipfw] problem with ipfw tables o kern/144187 ipfw [ipfw] deadlock using multiple ipfw nat and multiple l o kern/143973 ipfw [ipfw] [panic] ipfw forward option causes kernel reboo o kern/143621 ipfw [ipfw] [dummynet] [patch] dummynet and vnet use result o kern/143474 ipfw [ipfw] ipfw table contains the same address p kern/139226 ipfw [ipfw] install_state: entry already present, done o kern/137346 ipfw [ipfw] ipfw nat redirect_proto is broken o kern/137232 ipfw [ipfw] parser troubles p kern/136695 ipfw [ipfw] [patch] fwd reached after skipto in dynamic rul o kern/135476 ipfw [ipfw] IPFW table breaks after adding a large number o o bin/134975 ipfw [patch] ipfw(8) can't work with set in rule file. o kern/131817 ipfw [ipfw] blocks layer2 packets that should not be blocke o kern/131601 ipfw [ipfw] [panic] 7-STABLE panic in nat_finalise (tcp=0) o kern/131558 ipfw [ipfw] Inconsistent "via" ipfw behavior f bin/130132 ipfw [patch] ipfw(8): no way to get mask from ipfw pipe sho o kern/129103 ipfw [ipfw] IPFW check state does not work =( f kern/129093 ipfw [ipfw] ipfw nat must not drop packets o kern/129036 ipfw [ipfw] 'ipfw fwd' does not change outgoing interface n o kern/128260 ipfw [ipfw] [patch] ipfw_divert damages IPv6 packets o kern/127230 ipfw [ipfw] [patch] Feature request to add UID and/or GID l o kern/127209 ipfw [ipfw] IPFW table become corrupted after many changes p bin/125370 ipfw [ipfw] [patch] increase a line buffer limit o conf/123119 ipfw [patch] rc script for ipfw does not handle IPv6 o kern/122963 ipfw [ipfw] tcpdump does not show packets redirected by 'ip f kern/122109 ipfw [ipfw] ipfw nat traceroute problem s kern/121807 ipfw [request] TCP and UDP port_table in ipfw o kern/121382 ipfw [dummynet] 6.3-RELEASE-p1 page fault in dummynet (corr o kern/121122 ipfw [ipfw] [patch] add support to ToS IP PRECEDENCE fields o kern/118993 ipfw [ipfw] page fault - probably it's a locking problem o bin/117214 ipfw ipfw(8) fwd with IPv6 treats input as IPv4 o kern/116009 ipfw [ipfw] [patch] Ignore errors when loading ruleset from o docs/113803 ipfw [patch] ipfw(8) - don't get bitten by the fwd rule f kern/112561 ipfw [ipfw] ipfw fwd does not work with some TCP packets o bin/104921 ipfw [patch] ipfw(8) sometimes treats ipv6 input as ipv4 (a o kern/104682 ipfw [ipfw] [patch] Some minor language consistency fixes a o kern/103454 ipfw [ipfw] [patch] [request] add a facility to modify DF b o kern/103328 ipfw [ipfw] [request] sugestions about ipfw table o kern/102471 ipfw [ipfw] [patch] add tos and dscp support f kern/98831 ipfw [ipfw] ipfw has UDP hickups o kern/97951 ipfw [ipfw] [patch] ipfw does not tie interface details to o kern/95084 ipfw [ipfw] [regression] [patch] IPFW2 ignores "recv/xmit/v f kern/93300 ipfw [ipfw] ipfw pipe lost packets o kern/91847 ipfw [ipfw] ipfw with vlanX as the device o kern/86957 ipfw [ipfw] [patch] ipfw mac logging o bin/83046 ipfw [ipfw] ipfw2 error: "setup" is allowed for icmp, but s o kern/82724 ipfw [ipfw] [patch] [request] Add setnexthop and defaultrou o bin/78785 ipfw [patch] ipfw(8) verbosity locks machine if /etc/rc.fir f kern/73910 ipfw [ipfw] serious bug on forwarding of packets after NAT f kern/72987 ipfw [ipfw] ipfw/dummynet pipe/queue 'queue [BYTES]KBytes ( f kern/71366 ipfw [ipfw] "ipfw fwd" sometimes rewrites destination mac a p kern/69963 ipfw [ipfw] install_state warning about already existing en o kern/60719 ipfw [ipfw] Headerless fragments generate cryptic error mes o kern/55984 ipfw [ipfw] [patch] time based firewalling support for ipfw o kern/48172 ipfw [ipfw] [patch] ipfw does not log size and flags o kern/46159 ipfw [ipfw] [patch] [request] ipfw dynamic rules lifetime f a kern/26534 ipfw [ipfw] Add an option to ipfw to log gid/uid of who cau 73 problems total. From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 11:11:25 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D3C3310656D1; Mon, 6 Jun 2011 11:11:25 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id AA0538FC12; Mon, 6 Jun 2011 11:11:25 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p56BBPEW042275; Mon, 6 Jun 2011 11:11:25 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p56BBPx0042253; Mon, 6 Jun 2011 11:11:25 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 11:11:25 GMT Message-Id: <201106061111.p56BBPx0042253@freefall.freebsd.org> To: cyberman.wu@gmail.com, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: bin/134975: [patch] ipfw(8) can't work with set in rule file. X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 11:11:27 -0000 Synopsis: [patch] ipfw(8) can't work with set in rule file. State-Changed-From-To: open->patched State-Changed-By: ae State-Changed-When: Mon Jun 6 11:10:59 UTC 2011 State-Changed-Why: Committed to head/. Thanks! http://www.freebsd.org/cgi/query-pr.cgi?pr=134975 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 11:20:10 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 72C66106564A for ; Mon, 6 Jun 2011 11:20:10 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 630AE8FC14 for ; Mon, 6 Jun 2011 11:20:10 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p56BKAvo050295 for ; Mon, 6 Jun 2011 11:20:10 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p56BKAMe050294; Mon, 6 Jun 2011 11:20:10 GMT (envelope-from gnats) Date: Mon, 6 Jun 2011 11:20:10 GMT Message-Id: <201106061120.p56BKAMe050294@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: bin/134975: commit references a PR X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 11:20:10 -0000 The following reply was made to PR bin/134975; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: bin/134975: commit references a PR Date: Mon, 6 Jun 2011 11:12:18 +0000 (UTC) Author: ae Date: Mon Jun 6 11:10:38 2011 New Revision: 222745 URL: http://svn.freebsd.org/changeset/base/222745 Log: Initialize co.use_set variable before parsing each new rule. PR: bin/134975 MFC after: 2 weeks Modified: head/sbin/ipfw/main.c Modified: head/sbin/ipfw/main.c ============================================================================== --- head/sbin/ipfw/main.c Mon Jun 6 10:52:26 2011 (r222744) +++ head/sbin/ipfw/main.c Mon Jun 6 11:10:38 2011 (r222745) @@ -356,6 +356,7 @@ ipfw_main(int oldac, char **oldav) */ co.do_nat = 0; co.do_pipe = 0; + co.use_set = 0; if (!strncmp(*av, "nat", strlen(*av))) co.do_nat = 1; else if (!strncmp(*av, "pipe", strlen(*av))) _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 11:26:21 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 967B71065670; Mon, 6 Jun 2011 11:26:21 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 6EC048FC15; Mon, 6 Jun 2011 11:26:21 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p56BQLRF058380; Mon, 6 Jun 2011 11:26:21 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p56BQL30058376; Mon, 6 Jun 2011 11:26:21 GMT (envelope-from ae) Date: Mon, 6 Jun 2011 11:26:21 GMT Message-Id: <201106061126.p56BQL30058376@freefall.freebsd.org> To: ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org, freebsd-net@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/131601: [ipfilter] [panic] 7-STABLE panic in nat_finalise (tcp=0) X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 11:26:21 -0000 Old Synopsis: [ipfw] [panic] 7-STABLE panic in nat_finalise (tcp=0) New Synopsis: [ipfilter] [panic] 7-STABLE panic in nat_finalise (tcp=0) Responsible-Changed-From-To: freebsd-ipfw->freebsd-net Responsible-Changed-By: ae Responsible-Changed-When: Mon Jun 6 11:24:06 UTC 2011 Responsible-Changed-Why: Reassign to freebsd-net@. http://www.freebsd.org/cgi/query-pr.cgi?pr=131601 From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 14:50:06 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AC8FB1065673 for ; Mon, 6 Jun 2011 14:50:06 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 9C8BA8FC16 for ; Mon, 6 Jun 2011 14:50:06 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p56Eo6WN046101 for ; Mon, 6 Jun 2011 14:50:06 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p56Eo6eT046100; Mon, 6 Jun 2011 14:50:06 GMT (envelope-from gnats) Date: Mon, 6 Jun 2011 14:50:06 GMT Message-Id: <201106061450.p56Eo6eT046100@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: ten Cc: Subject: Re: kern/122109: [ipfw] ipfw nat traceroute problem X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: ten List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 14:50:06 -0000 The following reply was made to PR kern/122109; it has been noted by GNATS. From: ten To: bug-followup@FreeBSD.org, m.dyadchenko@211.ru Cc: Subject: Re: kern/122109: [ipfw] ipfw nat traceroute problem Date: Mon, 6 Jun 2011 21:38:36 +0700 --000e0cd22f68002b4704a50c0f97 Content-Type: text/plain; charset=ISO-8859-1 It seems I have too old version, and patch not applicable to me 7.3-STABLE FreeBSD 7.3-STABLE #2 amd64 src/sys/netinet/ip_fw_nat.c __FBSDID("$FreeBSD: src/sys/netinet/ip_fw_nat.c,v 1.2.2.2 2008/06/23 14:15:53 mav Exp $"); --000e0cd22f68002b4704a50c0f97 Content-Type: text/html; charset=ISO-8859-1 It seems I have too old version, and patch not applicable to me

7.3-STABLE FreeBSD 7.3-STABLE #2 amd64

src/sys/netinet/ip_fw_nat.c
__FBSDID("$FreeBSD: src/sys/netinet/ip_fw_nat.c,v 1.2.2.2 2008/06/23 14:15:53 mav Exp $");

--000e0cd22f68002b4704a50c0f97-- From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 15:00:30 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3706F1065686 for ; Mon, 6 Jun 2011 15:00:30 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 0983D8FC13 for ; Mon, 6 Jun 2011 15:00:30 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p56F0S3q054505 for ; Mon, 6 Jun 2011 15:00:28 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p56F0SQQ054504; Mon, 6 Jun 2011 15:00:28 GMT (envelope-from gnats) Date: Mon, 6 Jun 2011 15:00:28 GMT Message-Id: <201106061500.p56F0SQQ054504@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: ten Cc: Subject: Re: kern/150798: [ipfw] ipfw2 fwd rule matches packets but does not do the job in fact. X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: ten List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 15:00:30 -0000 The following reply was made to PR kern/150798; it has been noted by GNATS. From: ten To: bug-followup@FreeBSD.org, av@holymail.biz Cc: Subject: Re: kern/150798: [ipfw] ipfw2 fwd rule matches packets but does not do the job in fact. Date: Mon, 6 Jun 2011 21:35:14 +0700 --000e0cd22f68f6d1b604a50c02bc Content-Type: text/plain; charset=ISO-8859-1 It seems I have too old version, and patch not applicable to me. 7.3-STABLE FreeBSD 7.3-STABLE #2 amd64 __FBSDID("$FreeBSD: src/sys/netinet/ip_fw_nat.c,v 1.2.2.2 2008/06/23 14:15:53 mav Exp $"); --000e0cd22f68f6d1b604a50c02bc Content-Type: text/html; charset=KOI8-R Content-Transfer-Encoding: base64 PHNwYW4gaWQ9InJlc3VsdF9ib3giIGNsYXNzPSIiIGxhbmc9ImVuIj48c3BhbiB0aXRsZT0i7sHW zcnUxSwg3tTPwtkg1dfJxMXU2CDBzNjUxdLOwdTJ187ZyiDQxdLF18/EIiBjbGFzcz0iaHBzIj5J dCBzZWVtczwvc3Bhbj4gPHNwYW4gdGl0bGU9Iu7B1s3J1MUsIN7Uz8LZINXXycTF1NggwczY1MXS zsHUydfO2cog0MXSxdfPxCIgY2xhc3M9ImhwcyI+SSBoYXZlPC9zcGFuPiA8c3BhbiB0aXRsZT0i 7sHWzcnUxSwg3tTPwtkg1dfJxMXU2CDBzNjUxdLOwdTJ187ZyiDQxdLF18/EIiBjbGFzcz0iaHBz Ij50b288L3NwYW4+IDxzcGFuIHRpdGxlPSLuwdbNydTFLCDe1M/C2SDV18nExdTYIMHM2NTF0s7B 1MnXztnKINDF0sXXz8QiIGNsYXNzPSJocHMiPm9sZDwvc3Bhbj4gPHNwYW4gdGl0bGU9Iu7B1s3J 1MUsIN7Uz8LZINXXycTF1NggwczY1MXSzsHUydfO2cog0MXSxdfPxCIgY2xhc3M9ImhwcyI+dmVy c2lvbjwvc3Bhbj48c3BhbiBjbGFzcz0iIiB0aXRsZT0i7sHWzcnUxSwg3tTPwtkg1dfJxMXU2CDB zNjUxdLOwdTJ187ZyiDQxdLF18/EIj4sPC9zcGFuPiBhbmQgPHNwYW4gdGl0bGU9Iu7B1s3J1MUs IN7Uz8LZINXXycTF1NggwczY1MXSzsHUydfO2cog0MXSxdfPxCIgY2xhc3M9ImhwcyI+cGF0Y2gg PC9zcGFuPjwvc3Bhbj48c3BhbiBpZD0icmVzdWx0X2JveCIgY2xhc3M9InNob3J0X3RleHQiIGxh bmc9ImVuIj48c3BhbiB0aXRsZT0i7sHWzcnUxSwg3tTPwtkg1dfJxMXU2CDBzNjUxdLOwdTJ187Z yiDQxdLF18/EIiBjbGFzcz0iaHBzIj5ub3Q8L3NwYW4+IDxzcGFuIHRpdGxlPSLuwdbNydTFLCDe 1M/C2SDV18nExdTYIMHM2NTF0s7B1MnXztnKINDF0sXXz8QiIGNsYXNzPSJocHMiPmFwcGxpY2Fi bGU8L3NwYW4+PC9zcGFuPjxzcGFuIGlkPSJyZXN1bHRfYm94IiBjbGFzcz0iIiBsYW5nPSJlbiI+ PHNwYW4gdGl0bGU9Iu7B1s3J1MUsIN7Uz8LZINXXycTF1NggwczY1MXSzsHUydfO2cog0MXSxdfP xCIgY2xhc3M9ImhwcyI+IHRvIG1lPC9zcGFuPjxzcGFuIHRpdGxlPSLuwdbNydTFLCDe1M/C2SDV 18nExdTYIMHM2NTF0s7B1MnXztnKINDF0sXXz8QiIGNsYXNzPSJocHMiPi48YnI+CjcuMy1TVEFC TEUgRnJlZUJTRCA3LjMtU1RBQkxFICMyIGFtZDY0PGJyPjwvc3Bhbj48L3NwYW4+X19GQlNESUQo JnF1b3Q7JEZyZWVCU0Q6IHNyYy9zeXMvbmV0aW5ldC9pcF9md19uYXQuYyx2IDEuMi4yLjIgMjAw OC8wNi8yMyAxNDoxNTo1MyBtYXYgRXhwICQmcXVvdDspOzxicj4K --000e0cd22f68f6d1b604a50c02bc-- From owner-freebsd-ipfw@FreeBSD.ORG Mon Jun 6 23:46:16 2011 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 896B8106567B for ; Mon, 6 Jun 2011 23:46:16 +0000 (UTC) (envelope-from crest@informatik.uni-bremen.de) Received: from informatik.uni-bremen.de (mailhost.informatik.uni-bremen.de [134.102.201.18]) by mx1.freebsd.org (Postfix) with ESMTP id 1E4258FC1E for ; Mon, 6 Jun 2011 23:46:15 +0000 (UTC) Received: from smtp-fb3.informatik.uni-bremen.de (smtp-fb3.informatik.uni-bremen.de [134.102.224.120]) by informatik.uni-bremen.de (8.14.3/8.14.3) with ESMTP id p56HUr6j005468; Mon, 6 Jun 2011 19:30:54 +0200 (CEST) Received: from mb-wlan.dhcp.crest.dn42 (dslb-088-070-218-251.pools.arcor-ip.net [88.70.218.251]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtp-fb3.informatik.uni-bremen.de (Postfix) with ESMTPSA id CA15B683; Mon, 6 Jun 2011 19:30:53 +0200 (CEST) Mime-Version: 1.0 (Apple Message framework v1084) Content-Type: text/plain; charset=us-ascii From: crest In-Reply-To: <201106041300.p54D0Oji030792@freefall.freebsd.org> Date: Mon, 6 Jun 2011 19:30:52 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: References: <201106041300.p54D0Oji030792@freefall.freebsd.org> To: Manuel Kasper X-Mailer: Apple Mail (2.1084) Cc: freebsd-ipfw@freebsd.org Subject: Re: kern/157239: [ipfw] [dummynet] ipfw + dummynet corrupts ipv6 packets X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2011 23:46:16 -0000 On 04.06.2011, at 15:00, Manuel Kasper wrote: > The following reply was made to PR kern/157239; it has been noted by = GNATS. >=20 > Also, I believe I've found the cause: ipfw/dummynet code uses =3D > SET_HOST_IPLEN on IPv6 packets in two instances, thus inadvertently =3D > swapping the next header and hop limit fields in the IPv6 header, =3D > causing the "Unknown Extension Header" warnings and dropped packets = (or =3D > bad packets appearing on the wire if =3D > net.inet6.ip6.fw.deny_unknown_exthdrs=3D3D0). >=20 > A patch against 8.2-RELEASE that fixes this issue for me is attached - = =3D > Jan, could you please verify if this fixes the issue for you too? I tested the patch and it solved the problem for a simple test setup. = I'll test it in a more complex setup this evening/ night (TZ=3DCEST).= From owner-freebsd-ipfw@FreeBSD.ORG Tue Jun 7 06:50:10 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 71705106566B for ; Tue, 7 Jun 2011 06:50:10 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 477E68FC18 for ; Tue, 7 Jun 2011 06:50:10 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p576oAFS034014 for ; Tue, 7 Jun 2011 06:50:10 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p576oAWd034013; Tue, 7 Jun 2011 06:50:10 GMT (envelope-from gnats) Date: Tue, 7 Jun 2011 06:50:10 GMT Message-Id: <201106070650.p576oAWd034013@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: kern/122109: commit references a PR X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Jun 2011 06:50:10 -0000 The following reply was made to PR kern/122109; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: kern/122109: commit references a PR Date: Tue, 7 Jun 2011 06:42:38 +0000 (UTC) Author: ae Date: Tue Jun 7 06:42:29 2011 New Revision: 222806 URL: http://svn.freebsd.org/changeset/base/222806 Log: Make a behaviour of the libalias based in-kernel NAT a bit closer to how natd(8) does work. natd(8) drops packets only when libalias returns PKT_ALIAS_IGNORED and "deny_incoming" option is set, but ipfw_nat always did drop packets that were not aliased, even if they should not be aliased and just are going through. PR: kern/122109, kern/129093, kern/157379 Submitted by: Alexander V. Chernikov (previous version) MFC after: 1 month Modified: head/sys/netinet/ipfw/ip_fw_nat.c Modified: head/sys/netinet/ipfw/ip_fw_nat.c ============================================================================== --- head/sys/netinet/ipfw/ip_fw_nat.c Tue Jun 7 06:18:02 2011 (r222805) +++ head/sys/netinet/ipfw/ip_fw_nat.c Tue Jun 7 06:42:29 2011 (r222806) @@ -262,17 +262,27 @@ ipfw_nat(struct ip_fw_args *args, struct else retval = LibAliasOut(t->lib, c, mcl->m_len + M_TRAILINGSPACE(mcl)); - if (retval == PKT_ALIAS_RESPOND) { - m->m_flags |= M_SKIP_FIREWALL; - retval = PKT_ALIAS_OK; - } - if (retval != PKT_ALIAS_OK && - retval != PKT_ALIAS_FOUND_HEADER_FRAGMENT) { + + /* + * We drop packet when: + * 1. libalias returns PKT_ALIAS_ERROR; + * 2. For incoming packets: + * a) for unresolved fragments; + * b) libalias returns PKT_ALIAS_IGNORED and + * PKT_ALIAS_DENY_INCOMING flag is set. + */ + if (retval == PKT_ALIAS_ERROR || + (args->oif == NULL && (retval == PKT_ALIAS_UNRESOLVED_FRAGMENT || + (retval == PKT_ALIAS_IGNORED && + (t->lib->packetAliasMode & PKT_ALIAS_DENY_INCOMING) != 0)))) { /* XXX - should i add some logging? */ m_free(mcl); args->m = NULL; return (IP_FW_DENY); } + + if (retval == PKT_ALIAS_RESPOND) + m->m_flags |= M_SKIP_FIREWALL; mcl->m_pkthdr.len = mcl->m_len = ntohs(ip->ip_len); /* _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" From owner-freebsd-ipfw@FreeBSD.ORG Tue Jun 7 06:50:12 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4AAB7106566B for ; Tue, 7 Jun 2011 06:50:12 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 20E418FC0A for ; Tue, 7 Jun 2011 06:50:12 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p576oCgl034031 for ; Tue, 7 Jun 2011 06:50:12 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p576oBx0034030; Tue, 7 Jun 2011 06:50:11 GMT (envelope-from gnats) Date: Tue, 7 Jun 2011 06:50:11 GMT Message-Id: <201106070650.p576oBx0034030@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: kern/129093: commit references a PR X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Jun 2011 06:50:12 -0000 The following reply was made to PR kern/129093; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: kern/129093: commit references a PR Date: Tue, 7 Jun 2011 06:42:39 +0000 (UTC) Author: ae Date: Tue Jun 7 06:42:29 2011 New Revision: 222806 URL: http://svn.freebsd.org/changeset/base/222806 Log: Make a behaviour of the libalias based in-kernel NAT a bit closer to how natd(8) does work. natd(8) drops packets only when libalias returns PKT_ALIAS_IGNORED and "deny_incoming" option is set, but ipfw_nat always did drop packets that were not aliased, even if they should not be aliased and just are going through. PR: kern/122109, kern/129093, kern/157379 Submitted by: Alexander V. Chernikov (previous version) MFC after: 1 month Modified: head/sys/netinet/ipfw/ip_fw_nat.c Modified: head/sys/netinet/ipfw/ip_fw_nat.c ============================================================================== --- head/sys/netinet/ipfw/ip_fw_nat.c Tue Jun 7 06:18:02 2011 (r222805) +++ head/sys/netinet/ipfw/ip_fw_nat.c Tue Jun 7 06:42:29 2011 (r222806) @@ -262,17 +262,27 @@ ipfw_nat(struct ip_fw_args *args, struct else retval = LibAliasOut(t->lib, c, mcl->m_len + M_TRAILINGSPACE(mcl)); - if (retval == PKT_ALIAS_RESPOND) { - m->m_flags |= M_SKIP_FIREWALL; - retval = PKT_ALIAS_OK; - } - if (retval != PKT_ALIAS_OK && - retval != PKT_ALIAS_FOUND_HEADER_FRAGMENT) { + + /* + * We drop packet when: + * 1. libalias returns PKT_ALIAS_ERROR; + * 2. For incoming packets: + * a) for unresolved fragments; + * b) libalias returns PKT_ALIAS_IGNORED and + * PKT_ALIAS_DENY_INCOMING flag is set. + */ + if (retval == PKT_ALIAS_ERROR || + (args->oif == NULL && (retval == PKT_ALIAS_UNRESOLVED_FRAGMENT || + (retval == PKT_ALIAS_IGNORED && + (t->lib->packetAliasMode & PKT_ALIAS_DENY_INCOMING) != 0)))) { /* XXX - should i add some logging? */ m_free(mcl); args->m = NULL; return (IP_FW_DENY); } + + if (retval == PKT_ALIAS_RESPOND) + m->m_flags |= M_SKIP_FIREWALL; mcl->m_pkthdr.len = mcl->m_len = ntohs(ip->ip_len); /* _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" From owner-freebsd-ipfw@FreeBSD.ORG Tue Jun 7 06:50:14 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1DF871065670 for ; Tue, 7 Jun 2011 06:50:14 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id E84F58FC0C for ; Tue, 7 Jun 2011 06:50:13 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p576oDhL034039 for ; Tue, 7 Jun 2011 06:50:13 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p576oDFj034038; Tue, 7 Jun 2011 06:50:13 GMT (envelope-from gnats) Date: Tue, 7 Jun 2011 06:50:13 GMT Message-Id: <201106070650.p576oDFj034038@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: kern/157379: commit references a PR X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Jun 2011 06:50:14 -0000 The following reply was made to PR kern/157379; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: kern/157379: commit references a PR Date: Tue, 7 Jun 2011 06:42:39 +0000 (UTC) Author: ae Date: Tue Jun 7 06:42:29 2011 New Revision: 222806 URL: http://svn.freebsd.org/changeset/base/222806 Log: Make a behaviour of the libalias based in-kernel NAT a bit closer to how natd(8) does work. natd(8) drops packets only when libalias returns PKT_ALIAS_IGNORED and "deny_incoming" option is set, but ipfw_nat always did drop packets that were not aliased, even if they should not be aliased and just are going through. PR: kern/122109, kern/129093, kern/157379 Submitted by: Alexander V. Chernikov (previous version) MFC after: 1 month Modified: head/sys/netinet/ipfw/ip_fw_nat.c Modified: head/sys/netinet/ipfw/ip_fw_nat.c ============================================================================== --- head/sys/netinet/ipfw/ip_fw_nat.c Tue Jun 7 06:18:02 2011 (r222805) +++ head/sys/netinet/ipfw/ip_fw_nat.c Tue Jun 7 06:42:29 2011 (r222806) @@ -262,17 +262,27 @@ ipfw_nat(struct ip_fw_args *args, struct else retval = LibAliasOut(t->lib, c, mcl->m_len + M_TRAILINGSPACE(mcl)); - if (retval == PKT_ALIAS_RESPOND) { - m->m_flags |= M_SKIP_FIREWALL; - retval = PKT_ALIAS_OK; - } - if (retval != PKT_ALIAS_OK && - retval != PKT_ALIAS_FOUND_HEADER_FRAGMENT) { + + /* + * We drop packet when: + * 1. libalias returns PKT_ALIAS_ERROR; + * 2. For incoming packets: + * a) for unresolved fragments; + * b) libalias returns PKT_ALIAS_IGNORED and + * PKT_ALIAS_DENY_INCOMING flag is set. + */ + if (retval == PKT_ALIAS_ERROR || + (args->oif == NULL && (retval == PKT_ALIAS_UNRESOLVED_FRAGMENT || + (retval == PKT_ALIAS_IGNORED && + (t->lib->packetAliasMode & PKT_ALIAS_DENY_INCOMING) != 0)))) { /* XXX - should i add some logging? */ m_free(mcl); args->m = NULL; return (IP_FW_DENY); } + + if (retval == PKT_ALIAS_RESPOND) + m->m_flags |= M_SKIP_FIREWALL; mcl->m_pkthdr.len = mcl->m_len = ntohs(ip->ip_len); /* _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" From owner-freebsd-ipfw@FreeBSD.ORG Tue Jun 7 06:54:18 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F2AF81065676; Tue, 7 Jun 2011 06:54:18 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id CAE9E8FC15; Tue, 7 Jun 2011 06:54:18 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p576sIim042051; Tue, 7 Jun 2011 06:54:18 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p576sIBS042046; Tue, 7 Jun 2011 06:54:18 GMT (envelope-from ae) Date: Tue, 7 Jun 2011 06:54:18 GMT Message-Id: <201106070654.p576sIBS042046@freefall.freebsd.org> To: m.dyadchenko@211.ru, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/122109: [ipfw] ipfw nat traceroute problem X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Jun 2011 06:54:19 -0000 Synopsis: [ipfw] ipfw nat traceroute problem State-Changed-From-To: feedback->patched State-Changed-By: ae State-Changed-When: Tue Jun 7 06:53:46 UTC 2011 State-Changed-Why: Patched in head/. http://www.freebsd.org/cgi/query-pr.cgi?pr=122109 From owner-freebsd-ipfw@FreeBSD.ORG Tue Jun 7 06:54:49 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B15711065670; Tue, 7 Jun 2011 06:54:49 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 895648FC1E; Tue, 7 Jun 2011 06:54:49 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p576snCv042109; Tue, 7 Jun 2011 06:54:49 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p576sms2042103; Tue, 7 Jun 2011 06:54:48 GMT (envelope-from ae) Date: Tue, 7 Jun 2011 06:54:48 GMT Message-Id: <201106070654.p576sms2042103@freefall.freebsd.org> To: kes-kes@yandex.ru, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/129093: [ipfw] ipfw nat must not drop packets X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Jun 2011 06:54:49 -0000 Synopsis: [ipfw] ipfw nat must not drop packets State-Changed-From-To: feedback->patched State-Changed-By: ae State-Changed-When: Tue Jun 7 06:54:30 UTC 2011 State-Changed-Why: Patched in head/. http://www.freebsd.org/cgi/query-pr.cgi?pr=129093 From owner-freebsd-ipfw@FreeBSD.ORG Tue Jun 7 06:55:22 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7158A106567E; Tue, 7 Jun 2011 06:55:22 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 496DE8FC17; Tue, 7 Jun 2011 06:55:22 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p576tM8K042179; Tue, 7 Jun 2011 06:55:22 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p576tMl1042175; Tue, 7 Jun 2011 06:55:22 GMT (envelope-from ae) Date: Tue, 7 Jun 2011 06:55:22 GMT Message-Id: <201106070655.p576tMl1042175@freefall.freebsd.org> To: kes-kes@yandex.ru, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/157379: [ipfw] mtr does not work if I use ipfw nat X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Jun 2011 06:55:22 -0000 Synopsis: [ipfw] mtr does not work if I use ipfw nat State-Changed-From-To: feedback->patched State-Changed-By: ae State-Changed-When: Tue Jun 7 06:55:06 UTC 2011 State-Changed-Why: Patched in head/. http://www.freebsd.org/cgi/query-pr.cgi?pr=157379 From owner-freebsd-ipfw@FreeBSD.ORG Wed Jun 8 05:00:22 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BBF6A106566B for ; Wed, 8 Jun 2011 05:00:22 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id AC25E8FC1A for ; Wed, 8 Jun 2011 05:00:22 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p5850MRw091121 for ; Wed, 8 Jun 2011 05:00:22 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p5850MrY091119; Wed, 8 Jun 2011 05:00:22 GMT (envelope-from gnats) Date: Wed, 8 Jun 2011 05:00:22 GMT Message-Id: <201106080500.p5850MrY091119@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: kern/139226: commit references a PR X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jun 2011 05:00:22 -0000 The following reply was made to PR kern/139226; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: kern/139226: commit references a PR Date: Wed, 8 Jun 2011 04:50:42 +0000 (UTC) Author: ae Date: Wed Jun 8 04:50:23 2011 New Revision: 222849 URL: http://svn.freebsd.org/changeset/base/222849 Log: MFC r222559: Hide useless warning under debug macro. PR: kern/69963, kern/139226 Modified: stable/8/sys/netinet/ipfw/ip_fw_dynamic.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/netinet/ipfw/ip_fw_dynamic.c ============================================================================== --- stable/8/sys/netinet/ipfw/ip_fw_dynamic.c Wed Jun 8 04:06:56 2011 (r222848) +++ stable/8/sys/netinet/ipfw/ip_fw_dynamic.c Wed Jun 8 04:50:23 2011 (r222849) @@ -753,11 +753,12 @@ ipfw_install_state(struct ip_fw *rule, i q = lookup_dyn_rule_locked(&args->f_id, NULL, NULL); if (q != NULL) { /* should never occur */ + DEB( if (last_log != time_uptime) { last_log = time_uptime; printf("ipfw: %s: entry already present, done\n", __func__); - } + }) IPFW_DYN_UNLOCK(); return (0); } _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" From owner-freebsd-ipfw@FreeBSD.ORG Wed Jun 8 05:00:26 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1FA941065670 for ; Wed, 8 Jun 2011 05:00:26 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 101AD8FC0C for ; Wed, 8 Jun 2011 05:00:26 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p5850PQj091175 for ; Wed, 8 Jun 2011 05:00:25 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p5850P5O091174; Wed, 8 Jun 2011 05:00:25 GMT (envelope-from gnats) Date: Wed, 8 Jun 2011 05:00:25 GMT Message-Id: <201106080500.p5850P5O091174@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: kern/139226: commit references a PR X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jun 2011 05:00:26 -0000 The following reply was made to PR kern/139226; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: kern/139226: commit references a PR Date: Wed, 8 Jun 2011 04:54:41 +0000 (UTC) Author: ae Date: Wed Jun 8 04:54:22 2011 New Revision: 222850 URL: http://svn.freebsd.org/changeset/base/222850 Log: MFC r222559: Hide useless warning under debug macro. PR: kern/69963, kern/139226 This is direct commit to stable/7. Modified: stable/7/sys/netinet/ip_fw2.c Directory Properties: stable/7/sys/ (props changed) stable/7/sys/cddl/contrib/opensolaris/ (props changed) stable/7/sys/contrib/dev/acpica/ (props changed) stable/7/sys/contrib/pf/ (props changed) Modified: stable/7/sys/netinet/ip_fw2.c ============================================================================== --- stable/7/sys/netinet/ip_fw2.c Wed Jun 8 04:50:23 2011 (r222849) +++ stable/7/sys/netinet/ip_fw2.c Wed Jun 8 04:54:22 2011 (r222850) @@ -1460,11 +1460,12 @@ install_state(struct ip_fw *rule, ipfw_i q = lookup_dyn_rule_locked(&args->f_id, NULL, NULL); if (q != NULL) { /* should never occur */ + DEB( if (last_log != time_uptime) { last_log = time_uptime; printf("ipfw: %s: entry already present, done\n", __func__); - } + }) IPFW_DYN_UNLOCK(); return (0); } _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" From owner-freebsd-ipfw@FreeBSD.ORG Wed Jun 8 05:00:55 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E0CC1106564A; Wed, 8 Jun 2011 05:00:55 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id B96948FC13; Wed, 8 Jun 2011 05:00:55 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p5850t1D092573; Wed, 8 Jun 2011 05:00:55 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p5850sPk092497; Wed, 8 Jun 2011 05:00:54 GMT (envelope-from ae) Date: Wed, 8 Jun 2011 05:00:54 GMT Message-Id: <201106080500.p5850sPk092497@freefall.freebsd.org> To: root@asarian-host.net, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/69963: [ipfw] install_state warning about already existing entry X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jun 2011 05:00:56 -0000 Synopsis: [ipfw] install_state warning about already existing entry State-Changed-From-To: patched->closed State-Changed-By: ae State-Changed-When: Wed Jun 8 05:00:11 UTC 2011 State-Changed-Why: Merged to stable/8 and stable/7. http://www.freebsd.org/cgi/query-pr.cgi?pr=69963 From owner-freebsd-ipfw@FreeBSD.ORG Wed Jun 8 05:01:30 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CAE0F106567C; Wed, 8 Jun 2011 05:01:30 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id A3A0D8FC22; Wed, 8 Jun 2011 05:01:30 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p5851UCe095256; Wed, 8 Jun 2011 05:01:30 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p5851UsC095245; Wed, 8 Jun 2011 05:01:30 GMT (envelope-from ae) Date: Wed, 8 Jun 2011 05:01:30 GMT Message-Id: <201106080501.p5851UsC095245@freefall.freebsd.org> To: chris@smartt.com, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/139226: [ipfw] install_state: entry already present, done X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jun 2011 05:01:30 -0000 Synopsis: [ipfw] install_state: entry already present, done State-Changed-From-To: patched->closed State-Changed-By: ae State-Changed-When: Wed Jun 8 05:01:10 UTC 2011 State-Changed-Why: Merged to stable/8 and stable/7. http://www.freebsd.org/cgi/query-pr.cgi?pr=139226 From owner-freebsd-ipfw@FreeBSD.ORG Wed Jun 8 05:10:10 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 430B41065670 for ; Wed, 8 Jun 2011 05:10:10 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 335988FC0A for ; Wed, 8 Jun 2011 05:10:10 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p585AA81005129 for ; Wed, 8 Jun 2011 05:10:10 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p585AAgk005128; Wed, 8 Jun 2011 05:10:10 GMT (envelope-from gnats) Date: Wed, 8 Jun 2011 05:10:10 GMT Message-Id: <201106080510.p585AAgk005128@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: kern/69963: commit references a PR X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jun 2011 05:10:10 -0000 The following reply was made to PR kern/69963; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: kern/69963: commit references a PR Date: Wed, 8 Jun 2011 04:50:41 +0000 (UTC) Author: ae Date: Wed Jun 8 04:50:23 2011 New Revision: 222849 URL: http://svn.freebsd.org/changeset/base/222849 Log: MFC r222559: Hide useless warning under debug macro. PR: kern/69963, kern/139226 Modified: stable/8/sys/netinet/ipfw/ip_fw_dynamic.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/netinet/ipfw/ip_fw_dynamic.c ============================================================================== --- stable/8/sys/netinet/ipfw/ip_fw_dynamic.c Wed Jun 8 04:06:56 2011 (r222848) +++ stable/8/sys/netinet/ipfw/ip_fw_dynamic.c Wed Jun 8 04:50:23 2011 (r222849) @@ -753,11 +753,12 @@ ipfw_install_state(struct ip_fw *rule, i q = lookup_dyn_rule_locked(&args->f_id, NULL, NULL); if (q != NULL) { /* should never occur */ + DEB( if (last_log != time_uptime) { last_log = time_uptime; printf("ipfw: %s: entry already present, done\n", __func__); - } + }) IPFW_DYN_UNLOCK(); return (0); } _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" From owner-freebsd-ipfw@FreeBSD.ORG Wed Jun 8 05:10:12 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5B2C31065672 for ; Wed, 8 Jun 2011 05:10:12 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 4BB148FC0C for ; Wed, 8 Jun 2011 05:10:12 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p585ACxW005137 for ; Wed, 8 Jun 2011 05:10:12 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p585AC2b005136; Wed, 8 Jun 2011 05:10:12 GMT (envelope-from gnats) Date: Wed, 8 Jun 2011 05:10:12 GMT Message-Id: <201106080510.p585AC2b005136@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: kern/69963: commit references a PR X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jun 2011 05:10:12 -0000 The following reply was made to PR kern/69963; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: kern/69963: commit references a PR Date: Wed, 8 Jun 2011 04:54:40 +0000 (UTC) Author: ae Date: Wed Jun 8 04:54:22 2011 New Revision: 222850 URL: http://svn.freebsd.org/changeset/base/222850 Log: MFC r222559: Hide useless warning under debug macro. PR: kern/69963, kern/139226 This is direct commit to stable/7. Modified: stable/7/sys/netinet/ip_fw2.c Directory Properties: stable/7/sys/ (props changed) stable/7/sys/cddl/contrib/opensolaris/ (props changed) stable/7/sys/contrib/dev/acpica/ (props changed) stable/7/sys/contrib/pf/ (props changed) Modified: stable/7/sys/netinet/ip_fw2.c ============================================================================== --- stable/7/sys/netinet/ip_fw2.c Wed Jun 8 04:50:23 2011 (r222849) +++ stable/7/sys/netinet/ip_fw2.c Wed Jun 8 04:54:22 2011 (r222850) @@ -1460,11 +1460,12 @@ install_state(struct ip_fw *rule, ipfw_i q = lookup_dyn_rule_locked(&args->f_id, NULL, NULL); if (q != NULL) { /* should never occur */ + DEB( if (last_log != time_uptime) { last_log = time_uptime; printf("ipfw: %s: entry already present, done\n", __func__); - } + }) IPFW_DYN_UNLOCK(); return (0); } _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" From owner-freebsd-ipfw@FreeBSD.ORG Wed Jun 8 20:33:15 2011 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 44A01106564A for ; Wed, 8 Jun 2011 20:33:15 +0000 (UTC) (envelope-from root@mediamonks.net) Received: from mail.mediamonks.net (mail.mediamonks.net [217.195.117.200]) by mx1.freebsd.org (Postfix) with ESMTP id CA3AE8FC16 for ; Wed, 8 Jun 2011 20:33:14 +0000 (UTC) X-CGP-Sophos: Scanned and found clean X-Abuse-Info: Send abuse reports about this email to abuse@mediamonks.net Received: from [145.99.104.70] (account terrence@mediamonks.com) by mail.mediamonks.net (CommuniGate Pro IMAP 5.4c2) with XMIT id 7200244 for freebsd-ipfw@freebsd.org; Wed, 08 Jun 2011 22:03:09 +0200 Date: Wed, 08 Jun 2011 22:03:00 +0200 Organization: MediaMonks B.V. Message-Id: <9638a0faf41f024c887ac9ecc776442f@mediamonks.com> MIME-Version: 1.0 Thread-Topic: UID matching for IPv6 Priority: Normal Importance: normal X-MSMail-Priority: normal X-Priority: 3 Sensitivity: Normal Thread-Index: AcwmFxF/HkhUgkO9TTaJ2hpdfTZruw== From: "Terrence Koeman" To: "freebsd-ipfw@freebsd.org" X-Mailer: CommuniGate Pro MAPI Connector 1.52.53.1/1.53.11.1 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: UID matching for IPv6 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Jun 2011 20:33:15 -0000 Are there plans to make uid matching work for ipv6 packets? ipfw allows me = to use the 'uid' option, but the rule will match nothing. Thanks! -- Regards, T. Koeman, MTh/BSc/BPsy; Technical Monk MediaMonks B.V. (www.mediamonks.com) Please quote relevant replies in correspondence. From owner-freebsd-ipfw@FreeBSD.ORG Thu Jun 9 10:10:11 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 60E3E1065676 for ; Thu, 9 Jun 2011 10:10:11 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 506888FC17 for ; Thu, 9 Jun 2011 10:10:11 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p59AABgi061847 for ; Thu, 9 Jun 2011 10:10:11 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p59AABEp061846; Thu, 9 Jun 2011 10:10:11 GMT (envelope-from gnats) Date: Thu, 9 Jun 2011 10:10:11 GMT Message-Id: <201106091010.p59AABEp061846@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: Andrey Voitenkov Cc: Subject: Re: kern/150798: [ipfw] ipfw2 fwd rule matches packets but does not do the job in fact. X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Andrey Voitenkov List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Jun 2011 10:10:11 -0000 The following reply was made to PR kern/150798; it has been noted by GNATS. From: Andrey Voitenkov To: "Andrey V. Elsukov" Cc: bug-followup@freebsd.org Subject: Re: kern/150798: [ipfw] ipfw2 fwd rule matches packets but does not do the job in fact. Date: Thu, 9 Jun 2011 12:32:56 +0300 Hi I don't have access to that host where the problem occured. I've tested it on i386 8.2-release host with a very similar ruleset - looks like the patch fixes the problem. Thanks. 2011/5/30 Andrey V. Elsukov : > Hi, > > It seems your problem is the same as described in kern/147720. > Can you test the following patch? > http://people.freebsd.org/~ae/ipfw_fwd.diff > > -- > WBR, Andrey V. Elsukov > -- Andrey Voitenkov From owner-freebsd-ipfw@FreeBSD.ORG Thu Jun 9 21:28:35 2011 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E1D83106566B; Thu, 9 Jun 2011 21:28:35 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id BA9018FC08; Thu, 9 Jun 2011 21:28:35 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p59LSZhe085322; Thu, 9 Jun 2011 21:28:35 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p59LSZRB085318; Thu, 9 Jun 2011 21:28:35 GMT (envelope-from linimon) Date: Thu, 9 Jun 2011 21:28:35 GMT Message-Id: <201106092128.p59LSZRB085318@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/157689: [ipfw] ipfw nat config does not accept nonexistent interfaces X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Jun 2011 21:28:36 -0000 Old Synopsis: ipfw nat config does not accept nonexistent interfaces New Synopsis: [ipfw] ipfw nat config does not accept nonexistent interfaces Responsible-Changed-From-To: freebsd-bugs->freebsd-ipfw Responsible-Changed-By: linimon Responsible-Changed-When: Thu Jun 9 21:27:53 UTC 2011 Responsible-Changed-Why: Reclassify and assign. http://www.freebsd.org/cgi/query-pr.cgi?pr=157689