From owner-freebsd-pf@FreeBSD.ORG Sun Mar 11 03:29:23 2007 Return-Path: X-Original-To: freebsd-pf@hub.freebsd.org Delivered-To: freebsd-pf@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8617D16A400; Sun, 11 Mar 2007 03:29:23 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.freebsd.org (Postfix) with ESMTP id 5D48313C428; Sun, 11 Mar 2007 03:29:23 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l2B3TNOU086517; Sun, 11 Mar 2007 03:29:23 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l2B3TNjG086513; Sun, 11 Mar 2007 03:29:23 GMT (envelope-from linimon) Date: Sun, 11 Mar 2007 03:29:23 GMT From: Mark Linimon Message-Id: <200703110329.l2B3TNjG086513@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-pf@FreeBSD.org Cc: Subject: Re: kern/110174: [pf] pf pass route-to does not assign correct IP for the packets created on the same pf-host X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 Mar 2007 03:29:23 -0000 Synopsis: [pf] pf pass route-to does not assign correct IP for the packets created on the same pf-host Responsible-Changed-From-To: freebsd-bugs->freebsd-pf Responsible-Changed-By: linimon Responsible-Changed-When: Sun Mar 11 03:29:05 UTC 2007 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=110174 From owner-freebsd-pf@FreeBSD.ORG Mon Mar 12 11:08:32 2007 Return-Path: X-Original-To: freebsd-pf@FreeBSD.org Delivered-To: freebsd-pf@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 33A5C16A47D for ; Mon, 12 Mar 2007 11:08:32 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.freebsd.org (Postfix) with ESMTP id 2662913C487 for ; Mon, 12 Mar 2007 11:08:32 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l2CB8Vku065161 for ; Mon, 12 Mar 2007 11:08:31 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l2CB8UHw065157 for freebsd-pf@FreeBSD.org; Mon, 12 Mar 2007 11:08:30 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 12 Mar 2007 11:08:30 GMT Message-Id: <200703121108.l2CB8UHw065157@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: linimon set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-pf@FreeBSD.org Cc: Subject: Current problem reports assigned to you X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Mar 2007 11:08:32 -0000 Current FreeBSD problem reports Critical problems Serious problems S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/82271 pf [pf] cbq scheduler cause bad latency o kern/92949 pf [pf] PF + ALTQ problems with latency 2 problems total. Non-critical problems S Tracker Resp. Description -------------------------------------------------------------------------------- f conf/81042 pf [pf] [patch] /etc/pf.os doesn't match FreeBSD 5.3->5.4 o sparc/93530 pf [pf] Incorrect checksums when using pf's route-to on s o kern/93825 pf [pf] pf reply-to doesn't work o kern/103304 pf [pf] pf accepts nonexistent queue in rules o kern/106400 pf [pf] fatal trap 12 at restart of PF with ALTQ if ng0 d o kern/110174 pf [pf] pf pass route-to does not assign correct IP for t 6 problems total. From owner-freebsd-pf@FreeBSD.ORG Thu Mar 15 10:20:44 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6403516A400 for ; Thu, 15 Mar 2007 10:20:44 +0000 (UTC) (envelope-from Ales.Krajnik@mediafactory.cz) Received: from mail.a24media.cz (mail.a24media.cz [212.24.138.152]) by mx1.freebsd.org (Postfix) with ESMTP id D1B2E13C4C9 for ; Thu, 15 Mar 2007 10:20:43 +0000 (UTC) (envelope-from Ales.Krajnik@mediafactory.cz) Content-class: urn:content-classes:message MIME-Version: 1.0 X-MimeOLE: Produced By Microsoft Exchange V6.5 Date: Thu, 15 Mar 2007 11:08:39 +0100 Message-ID: <66CE3CD196F5C24F9CDE33A03E0FB4113A7EEF@exbox.office.a24media.cz> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Setting bandwidth for multiple internal subnets + few more PF questions Thread-Index: Acdm488l5OHYwrTTS7i5t22Mjazi1A== From: =?iso-8859-2?Q?Ale=B9_Krajn=EDk?= To: Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Setting bandwidth for multiple internal subnets + few more PF questions X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Mar 2007 10:20:44 -0000 Hello, =20 I have a problem with PF and I would appreciate any help. I spent few = hours googling around but found no solution. =20 We have a FreeBSD 6.1 router with 4 internal subnets on 4 interfaces = (em1, fxp0, fxp1, xl0), 1 connection to the Internet (em0) - 10Mbps both = directions, full duplex. What we need is to shape traffic so em1 + fxp1 = , fxp0 and xl0 uses equally 33% of traffic, in both incoming and = outgoing directions from the Internet (incoming direction is more = important for us as we don't have almost any servers inside our network = except for HTTP for development purpose so mostly we download data from = the Internet). Traffic between local subnets should stay unlimited. =20 That should not be problem - we could just set 3.33Mbps on each = interface for packets arriving from the Internet. What we cannot solve = is how to set that each interface could borrow bandwidth from other = interfaces (=3D from parent stream) if they are not fully utilised? =20 If I set ALTQ on the external interface, I can control only outgoing = traffic to the Internet (I made that work successfully). If I set ALTQ = on any of the internal interfaces I cannot set it to borrow from each = other. Setting ALTQ on multiple interfaces is not supported AFAIK. Is = there any solution? Can that be solved with packet tagging? =20 Another thing I do not completely understand is setting ALTQ rules on = interfaces. I just want to make it clear to myself. If I set ALTQ on an = interface, it means that packets are being dropped on the chosen = interface? If I set queue on an interface, it means that packets are = added to that queue if and only if the rule is evaluated on the chosen = interface? For example if I would have rules "queue Q on em0 ..." and = "pass in on em1 ... queue Q", what would that do? =20 My last question - I read TCP ACK packets prioritizing can increase = incoming throughput. Does that make sense on fast internet connections = like is ours or is it useful only for e.g. dial-up connections? I would = use following ALTQ settings: =20 ALTQ on $lan_ex bandwidth 10Mb cbq { queue_std, = queue_ack } queue queue_std on $lan_ex bandwidth 99% = cbq(default) queue queue_ack on $lan_ex bandwidth 1% =20 ... and create a TCP/ACK rule on $lan_ex with queue_ack =20 Thanks in advance for your help! =20 Ales Krajnik From owner-freebsd-pf@FreeBSD.ORG Fri Mar 16 02:53:05 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D085316A401 for ; Fri, 16 Mar 2007 02:53:05 +0000 (UTC) (envelope-from linuxinfoplus@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.169]) by mx1.freebsd.org (Postfix) with ESMTP id 6773C13C46C for ; Fri, 16 Mar 2007 02:53:05 +0000 (UTC) (envelope-from linuxinfoplus@gmail.com) Received: by ug-out-1314.google.com with SMTP id 71so562180ugh for ; Thu, 15 Mar 2007 19:53:04 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:mime-version:in-reply-to:references:content-type:message-id:content-transfer-encoding:from:subject:date:to:x-mailer; b=H29UyYN0FZFrWkJKeIW6cr6i2k2EIyAbLaZl4rvr8ibGF0e9xU0whDlPTyQMUZvQzfDWlzvtUWJU6GShu1sQELEWZjocghEm3znAG3N6w8wXaOM+vFeYoN8RE2lwFqhoYTx2dyaCQ53vERLX5ew7vK2l+WewmfFeGLK8uJUTZHc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:mime-version:in-reply-to:references:content-type:message-id:content-transfer-encoding:from:subject:date:to:x-mailer; b=hw56a7nFQfT7ZAkOWi9PHS7qRmm0oRa3sspMeOpGHiYVq3EmDC9wOOPs6Jc0J8i7UghjRTl7uX5MoeB4B+mC0JwnMQ15hvlEFx1W8HybiZMrVws7oBDbevGyMk1BC4T4xSdwvRZwiNSWSzsrc/UvTSRmz5jWC90BIBILlDlIGB8= Received: by 10.114.39.16 with SMTP id m16mr522567wam.1174012003477; Thu, 15 Mar 2007 19:26:43 -0700 (PDT) Received: from ?192.168.3.215? ( [210.13.108.117]) by mx.google.com with ESMTP id z15sm3679401pod.2007.03.15.19.26.41; Thu, 15 Mar 2007 19:26:42 -0700 (PDT) Mime-Version: 1.0 (Apple Message framework v752.2) In-Reply-To: <20070315120029.0E88916A4CF@hub.freebsd.org> References: <20070315120029.0E88916A4CF@hub.freebsd.org> Content-Type: text/plain; charset=GB2312; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: quoted-printable From: rhinux Date: Fri, 16 Mar 2007 10:26:22 +0800 To: freebsd-pf@freebsd.org X-Mailer: Apple Mail (2.752.2) Subject: Re: freebsd-pf Digest, Vol 129, Issue 2 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Mar 2007 02:53:05 -0000 =D4=DA 2007-3-15=A3=AC=CF=C2=CE=E78:00=A3=ACfreebsd-pf-request@freebsd.org= =D0=B4=B5=C0=A3=BA > Send freebsd-pf mailing list submissions to > freebsd-pf@freebsd.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > or, via email, send a message with subject or body 'help' to > freebsd-pf-request@freebsd.org > > You can reach the person managing the list at > freebsd-pf-owner@freebsd.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of freebsd-pf digest..." > > > Today's Topics: > > 1. Setting bandwidth for multiple internal subnets + few more PF > questions (Ale? Krajn?k) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Thu, 15 Mar 2007 11:08:39 +0100 > From: Ale? Krajn?k > Subject: Setting bandwidth for multiple internal subnets + few more PF > questions > To: > Message-ID: > = <66CE3CD196F5C24F9CDE33A03E0FB4113A7EEF@exbox.office.a24media.cz> > Content-Type: text/plain; charset=3D"iso-8859-2" > > Hello, > > > > I have a problem with PF and I would appreciate any help. I spent =20 > few hours googling around but found no solution. > > > > We have a FreeBSD 6.1 router with 4 internal subnets on 4 =20 > interfaces (em1, fxp0, fxp1, xl0), 1 connection to the Internet =20 > (em0) - 10Mbps both directions, full duplex. What we need is to =20 > shape traffic so em1 + fxp1 , fxp0 and xl0 uses equally 33% of =20 > traffic, in both incoming and outgoing directions from the Internet =20= > (incoming direction is more important for us as we don't have =20 > almost any servers inside our network except for HTTP for =20 > development purpose so mostly we download data from the Internet). =20 > Traffic between local subnets should stay unlimited. > > > > That should not be problem - we could just set 3.33Mbps on each =20 > interface for packets arriving from the Internet. What we cannot =20 > solve is how to set that each interface could borrow bandwidth from =20= > other interfaces (=3D from parent stream) if they are not fully =20 > utilised? > > > > If I set ALTQ on the external interface, I can control only =20 > outgoing traffic to the Internet (I made that work successfully). =20 > If I set ALTQ on any of the internal interfaces I cannot set it to =20 > borrow from each other. Setting ALTQ on multiple interfaces is not =20 > supported AFAIK. Is there any solution? Can that be solved with =20 > packet tagging? > > > > Another thing I do not completely understand is setting ALTQ rules =20 > on interfaces. I just want to make it clear to myself. If I set =20 > ALTQ on an interface, it means that packets are being dropped on =20 > the chosen interface? If I set queue on an interface, it means that =20= > packets are added to that queue if and only if the rule is =20 > evaluated on the chosen interface? For example if I would have =20 > rules "queue Q on em0 ..." and "pass in on em1 ... queue Q", what =20 > would that do? > > > > My last question - I read TCP ACK packets prioritizing can increase =20= > incoming throughput. Does that make sense on fast internet =20 > connections like is ours or is it useful only for e.g. dial-up =20 > connections? I would use following ALTQ settings: > > > > ALTQ on $lan_ex bandwidth 10Mb cbq { queue_std, =20 > queue_ack } > > queue queue_std on $lan_ex bandwidth =20= > 99% cbq(default) > > queue queue_ack on $lan_ex bandwidth 1% > > > > ... and create a TCP/ACK rule on $lan_ex with =20 > queue_ack > > > > Thanks in advance for your help! > > > > Ales Krajnik > > > > ------------------------------ > > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > > > End of freebsd-pf Digest, Vol 129, Issue 2 > ****************************************** From owner-freebsd-pf@FreeBSD.ORG Fri Mar 16 12:59:16 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id AEA5D16A404 for ; Fri, 16 Mar 2007 12:59:16 +0000 (UTC) (envelope-from max@love2party.net) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.171]) by mx1.freebsd.org (Postfix) with ESMTP id 4248113C4B7 for ; Fri, 16 Mar 2007 12:59:16 +0000 (UTC) (envelope-from max@love2party.net) Received: from [88.64.185.206] (helo=amd64.laiers.local) by mrelayeu.kundenserver.de (node=mrelayeu1) with ESMTP (Nemesis), id 0MKwpI-1HSC1Y1PT4-0004mu; Fri, 16 Mar 2007 13:59:13 +0100 From: Max Laier Organization: FreeBSD To: freebsd-pf@freebsd.org Date: Fri, 16 Mar 2007 13:59:04 +0100 User-Agent: KMail/1.9.5 References: <66CE3CD196F5C24F9CDE33A03E0FB4113A7EEF@exbox.office.a24media.cz> In-Reply-To: <66CE3CD196F5C24F9CDE33A03E0FB4113A7EEF@exbox.office.a24media.cz> X-Face: ,,8R(x[kmU]tKN@>gtH1yQE4aslGdu+2]; R]*pL,U>^H?)gW@49@wdJ`H<=?utf-8?q?=25=7D*=5FBD=0A=09U=5For=3D=5CmOZf764=26nYj=3DJYbR1PW0ud?=>|!~,,CPC.1-D$FG@0h3#'5"k{V]a~.<=?utf-8?q?mZ=7D44=23Se=7Em=0A=09Fe=7E=5C=5DX5B=5D=5Fxj?=(ykz9QKMw_l0C2AQ]}Ym8)fU MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1262223.FXMYdIApeq"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200703161359.11074.max@love2party.net> X-Provags-ID: V01U2FsdGVkX19qaso8A/cKsQSuioQj4IJ02OsgwF2Ri8PotZc zgaJQ8PuOuQ4kJaqLnYq0PuuuFZ1euktbzKU/VSSDLAITeJoZ9 XG3iLeYeIzLDMyPhN0/sw== Cc: =?utf-8?q?Ale=C5=A1_Krajn=C3=ADk?= Subject: Re: Setting bandwidth for multiple internal subnets + few more PF questions X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Mar 2007 12:59:16 -0000 --nextPart1262223.FXMYdIApeq Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline [ Could you get your mailer to line wrap, please? ] On Thursday 15 March 2007 11:08, Ale=B9 Krajn=EDk wrote: > I have a problem with PF and I would appreciate any help. I spent few > hours googling around but found no solution. > > We have a FreeBSD 6.1 router with 4 internal subnets on 4 interfaces > (em1, fxp0, fxp1, xl0), 1 connection to the Internet (em0) - 10Mbps > both directions, full duplex. What we need is to shape traffic so em1 + > fxp1 , fxp0 and xl0 uses equally 33% of traffic, in both incoming and > outgoing directions from the Internet (incoming direction is more > important for us as we don't have almost any servers inside our network > except for HTTP for development purpose so mostly we download data from > the Internet). Traffic between local subnets should stay unlimited. > > That should not be problem - we could just set 3.33Mbps on each > interface for packets arriving from the Internet. What we cannot solve > is how to set that each interface could borrow bandwidth from other > interfaces (=3D from parent stream) if they are not fully utilised? > > If I set ALTQ on the external interface, I can control only outgoing > traffic to the Internet (I made that work successfully). If I set ALTQ > on any of the internal interfaces I cannot set it to borrow from each > other. Setting ALTQ on multiple interfaces is not supported AFAIK. Is > there any solution? Can that be solved with packet tagging? Controlling *incoming* traffic is not really supported or possible for=20 that matter. You can't controll what others send you. Of course you=20 can - as you seem to be doing - limit the *outgoing* traffic on the=20 internal interface(s). Due to the way ALTQ works, however, it is not=20 possible to share bandwidth over several interfaces. ALTQ directly hooks=20 into the queueing at the interface. What you would need are two distinct=20 boxes or a virtual interface through which you tunnel all traffic from=20 the internet to you LANs - but I'm not sure that is (easily) possible. You might want to look into using ipfw + dummynet, which works differently= =20 and might be able to solve this particular problem. I'm also open to pf=20 + dummynet integration, but don't have time to work on that, at the=20 moment. > Another thing I do not completely understand is setting ALTQ rules on > interfaces. I just want to make it clear to myself. If I set ALTQ on an > interface, it means that packets are being dropped on the chosen > interface? If I set queue on an interface, it means that packets are > added to that queue if and only if the rule is evaluated on the chosen > interface? For example if I would have rules "queue Q on em0 ..." and > "pass in on em1 ... queue Q", what would that do? Internally, queue names are resolved to a number, which is tagged to the=20 packet. If you have a queue named "foo" on em0 and em1, both these=20 queues will have the same number. It does not matter where you tag the=20 packet. On rule evaluation it is only assigned the number for the queue=20 name. As it hits an ALTQ enabled interface the queueing decides which=20 queue this number corresponds to. So in your scenario, if you call the queues on the internal interfaces the= =20 same - say "INET_IN" - you can assign incoming traffic to them with one=20 single rule on the outside interface. > My last question - I read TCP ACK packets prioritizing can increase > incoming throughput. Does that make sense on fast internet connections > like is ours or is it useful only for e.g. dial-up connections? I would > use following ALTQ settings: > > ALTQ on $lan_ex bandwidth 10Mb cbq { queue_std, queue_ack } > queue queue_std on $lan_ex bandwidth 99% cbq(default) > queue queue_ack on $lan_ex bandwidth 1% > > ... and create a TCP/ACK rule on $lan_ex with queue_ack This doesn't prioritize ACKs. You might want to read Daniel's excellent=20 article about it: http://www.benzedrine.cx/ackpri.html As he points out,=20 it's most useful on asymmetric links when you really saturate the uplink. =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --nextPart1262223.FXMYdIApeq Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (FreeBSD) iD8DBQBF+pSfXyyEoT62BG0RArS7AJ0SCUsBF42t8gNbzACVBgfC1WQkhQCfdZvT IfUCO+hlZDS3vLkJwYfMovo= =ocNA -----END PGP SIGNATURE----- --nextPart1262223.FXMYdIApeq-- From owner-freebsd-pf@FreeBSD.ORG Fri Mar 16 13:52:22 2007 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id CC52516A402 for ; Fri, 16 Mar 2007 13:52:22 +0000 (UTC) (envelope-from Greg.Hennessy@nviz.net) Received: from smtp.nildram.co.uk (smtp.nildram.co.uk [195.149.33.74]) by mx1.freebsd.org (Postfix) with ESMTP id 9537813C46E for ; Fri, 16 Mar 2007 13:52:22 +0000 (UTC) (envelope-from Greg.Hennessy@nviz.net) Received: from gw2.local.net (unknown [62.3.210.251]) by smtp.nildram.co.uk (Postfix) with ESMTP id 5C2524EA27 for ; Fri, 16 Mar 2007 13:52:19 +0000 (GMT) From: "Greg Hennessy" To: "'Max Laier'" , References: <66CE3CD196F5C24F9CDE33A03E0FB4113A7EEF@exbox.office.a24media.cz> <200703161359.11074.max@love2party.net> In-Reply-To: <200703161359.11074.max@love2party.net> Date: Fri, 16 Mar 2007 13:52:10 -0000 Message-ID: <000b01c767d2$4b8ea0a0$e2abe1e0$@Hennessy@nviz.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: Acdnz4dZGwY4cJw8SeKAvF9+FMzwGAAAf1CA Content-Language: en-gb X-Antivirus: avast! (VPS 000724-0, 15/03/2007), Outbound message X-Antivirus-Status: Clean Cc: Subject: RE: Setting bandwidth for multiple internal subnets + few more PF questions X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Mar 2007 13:52:22 -0000 > I'm also open to pf + dummynet integration, That's a very intriguing idea and a lot more palatable than ipfw + dummynet. > but don't have time to work on that, at the moment. I know what that's like. Greg From owner-freebsd-pf@FreeBSD.ORG Fri Mar 16 15:10:30 2007 Return-Path: X-Original-To: freebsd-pf@hub.freebsd.org Delivered-To: freebsd-pf@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1E38516A401; Fri, 16 Mar 2007 15:10:30 +0000 (UTC) (envelope-from remko@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.freebsd.org (Postfix) with ESMTP id E907A13C4AE; Fri, 16 Mar 2007 15:10:29 +0000 (UTC) (envelope-from remko@FreeBSD.org) Received: from freefall.freebsd.org (remko@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l2GFAT2g057578; Fri, 16 Mar 2007 15:10:29 GMT (envelope-from remko@freefall.freebsd.org) Received: (from remko@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l2GFATVH057574; Fri, 16 Mar 2007 15:10:29 GMT (envelope-from remko) Date: Fri, 16 Mar 2007 15:10:29 GMT From: Remko Lodder Message-Id: <200703161510.l2GFATVH057574@freefall.freebsd.org> To: remko@FreeBSD.org, freebsd-i386@FreeBSD.org, freebsd-pf@FreeBSD.org Cc: Subject: Re: kern/110393: [pf] parameter syncpeer only works if ip address is backwards X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Mar 2007 15:10:30 -0000 Old Synopsis: parameter syncpeer only works if ip address is backwards New Synopsis: [pf] parameter syncpeer only works if ip address is backwards Responsible-Changed-From-To: freebsd-i386->freebsd-pf Responsible-Changed-By: remko Responsible-Changed-When: Fri Mar 16 15:10:02 UTC 2007 Responsible-Changed-Why: This -looks- like this might be something for the PF people http://www.freebsd.org/cgi/query-pr.cgi?pr=110393 From owner-freebsd-pf@FreeBSD.ORG Fri Mar 16 16:05:37 2007 Return-Path: X-Original-To: freebsd-pf@hub.freebsd.org Delivered-To: freebsd-pf@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 4129316A407; Fri, 16 Mar 2007 16:05:37 +0000 (UTC) (envelope-from mlaier@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.freebsd.org (Postfix) with ESMTP id 1979B13C448; Fri, 16 Mar 2007 16:05:37 +0000 (UTC) (envelope-from mlaier@FreeBSD.org) Received: from freefall.freebsd.org (mlaier@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l2GG5a1x065397; Fri, 16 Mar 2007 16:05:36 GMT (envelope-from mlaier@freefall.freebsd.org) Received: (from mlaier@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l2GG5adc065393; Fri, 16 Mar 2007 16:05:36 GMT (envelope-from mlaier) Date: Fri, 16 Mar 2007 16:05:36 GMT From: Max Laier Message-Id: <200703161605.l2GG5adc065393@freefall.freebsd.org> To: agramajo@gmail.com, mlaier@FreeBSD.org, freebsd-pf@FreeBSD.org Cc: Subject: Re: kern/110393: [pf] parameter syncpeer only works if ip address is backwards X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Mar 2007 16:05:37 -0000 Synopsis: [pf] parameter syncpeer only works if ip address is backwards State-Changed-From-To: open->closed State-Changed-By: mlaier State-Changed-When: Fri Mar 16 16:03:32 UTC 2007 State-Changed-Why: This was fixed in revision 1.27 of if_pfsync.c and MFCed as rev. 1.19.2.4 This is the branch point for 6.2, so it should be fixed there. As a work- around exists, I don't think we need an errata for 6.1. http://www.freebsd.org/cgi/query-pr.cgi?pr=110393