From owner-freebsd-ipfw@FreeBSD.ORG Mon May 25 11:06:54 2009 Return-Path: Delivered-To: freebsd-ipfw@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B449B106566B for ; Mon, 25 May 2009 11:06:54 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id A08B28FC19 for ; Mon, 25 May 2009 11:06:54 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n4PB6sj8092842 for ; Mon, 25 May 2009 11:06:54 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n4PB6sKc092838 for freebsd-ipfw@FreeBSD.org; Mon, 25 May 2009 11:06:54 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 25 May 2009 11:06:54 GMT Message-Id: <200905251106.n4PB6sKc092838@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-ipfw@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-ipfw@FreeBSD.org X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 May 2009 11:06:54 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/132553 ipfw [ipfw] ipfw doesn't understand ftp-data port o kern/131817 ipfw [ipfw] blocks layer2 packets that should not be blocke o kern/131601 ipfw [ipfw] [panic] 7-STABLE panic in nat_finalise (tcp=0) o kern/131558 ipfw [ipfw] Inconsistent "via" ipfw behavior o bin/130132 ipfw [patch] ipfw(8): no way to get mask from ipfw pipe sho o kern/129103 ipfw [ipfw] IPFW check state does not work =( o kern/129093 ipfw [ipfw] ipfw nat must not drop packets o kern/129036 ipfw [ipfw] 'ipfw fwd' does not change outgoing interface n o kern/128260 ipfw [ipfw] [patch] ipfw_divert damages IPv6 packets o kern/127230 ipfw [ipfw] [patch] Feature request to add UID and/or GID l o kern/127209 ipfw [ipfw] IPFW table become corrupted after many changes o bin/125370 ipfw [ipfw] [patch] increase a line buffer limit o conf/123119 ipfw [patch] rc script for ipfw does not handle IPv6 o kern/122963 ipfw [ipfw] tcpdump does not show packets redirected by 'ip s kern/121807 ipfw [request] TCP and UDP port_table in ipfw o kern/121382 ipfw [dummynet]: 6.3-RELEASE-p1 page fault in dummynet (cor o kern/121122 ipfw [ipfw] [patch] add support to ToS IP PRECEDENCE fields o kern/118993 ipfw [ipfw] page fault - probably it's a locking problem o kern/117234 ipfw [ipfw] [patch] ipfw send_pkt() and ipfw_tick() don't s o bin/117214 ipfw ipfw(8) fwd with IPv6 treats input as IPv4 o kern/116009 ipfw [ipfw] [patch] Ignore errors when loading ruleset from p kern/115755 ipfw [ipfw] [patch] unify message and add a rule number whe o bin/115172 ipfw [patch] ipfw(8) list show some rules with a wrong form o docs/113803 ipfw [patch] ipfw(8) - don't get bitten by the fwd rule p kern/113388 ipfw [ipfw] [patch] Addition actions with rules within spec o kern/112708 ipfw [ipfw] ipfw is seems to be broken to limit number of c o kern/112561 ipfw [ipfw] ipfw fwd does not work with some TCP packets o kern/107305 ipfw [ipfw] ipfw fwd doesn't seem to work o kern/105330 ipfw [ipfw] [patch] ipfw (dummynet) does not allow to set q o bin/104921 ipfw [patch] ipfw(8) sometimes treats ipv6 input as ipv4 (a o kern/104682 ipfw [ipfw] [patch] Some minor language consistency fixes a o kern/103454 ipfw [ipfw] [patch] [request] add a facility to modify DF b o kern/103328 ipfw [ipfw] [request] sugestions about ipfw table o kern/102471 ipfw [ipfw] [patch] add tos and dscp support o kern/98831 ipfw [ipfw] ipfw has UDP hickups o kern/97951 ipfw [ipfw] [patch] ipfw does not tie interface details to o kern/97504 ipfw [ipfw] IPFW Rules bug o kern/95084 ipfw [ipfw] [regression] [patch] IPFW2 ignores "recv/xmit/v o kern/93300 ipfw [ipfw] ipfw pipe lost packets o kern/91847 ipfw [ipfw] ipfw with vlanX as the device o kern/88659 ipfw [modules] ipfw and ip6fw do not work properly as modul o kern/87032 ipfw [ipfw] [patch] ipfw ioctl interface implementation o kern/86957 ipfw [ipfw] [patch] ipfw mac logging o kern/82724 ipfw [ipfw] [patch] [request] Add setnexthop and defaultrou s kern/80642 ipfw [ipfw] [patch] ipfw small patch - new RULE OPTION o bin/78785 ipfw [patch] ipfw(8) verbosity locks machine if /etc/rc.fir o kern/74104 ipfw [ipfw] ipfw2/1 conflict not detected or reported, manp o kern/73910 ipfw [ipfw] serious bug on forwarding of packets after NAT o kern/72987 ipfw [ipfw] ipfw/dummynet pipe/queue 'queue [BYTES]KBytes ( o kern/71366 ipfw [ipfw] "ipfw fwd" sometimes rewrites destination mac a o kern/69963 ipfw [ipfw] install_state warning about already existing en o kern/60719 ipfw [ipfw] Headerless fragments generate cryptic error mes o kern/55984 ipfw [ipfw] [patch] time based firewalling support for ipfw o kern/51274 ipfw [ipfw] [patch] ipfw2 create dynamic rules with parent o kern/48172 ipfw [ipfw] [patch] ipfw does not log size and flags o kern/46159 ipfw [ipfw] [patch] [request] ipfw dynamic rules lifetime f a kern/26534 ipfw [ipfw] Add an option to ipfw to log gid/uid of who cau 57 problems total. From owner-freebsd-ipfw@FreeBSD.ORG Tue May 26 09:56:10 2009 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9C8C31065674 for ; Tue, 26 May 2009 09:56:10 +0000 (UTC) (envelope-from sebastian.mellmann@net.t-labs.tu-berlin.de) Received: from mail.net.t-labs.tu-berlin.de (mail.net.t-labs.tu-berlin.de [130.149.220.252]) by mx1.freebsd.org (Postfix) with ESMTP id 58AB78FC12 for ; Tue, 26 May 2009 09:56:10 +0000 (UTC) (envelope-from sebastian.mellmann@net.t-labs.tu-berlin.de) Received: from anubis.getmyip.com (anubis.getmyip.com [78.46.33.178]) by mail.net.t-labs.tu-berlin.de (Postfix) with ESMTP id 9AC62706FE8A for ; Tue, 26 May 2009 11:30:13 +0200 (CEST) Received: from 62.206.221.107 (SquirrelMail authenticated user smellmann) by anubis.getmyip.com with HTTP; Tue, 26 May 2009 11:30:13 +0200 (CEST) Message-ID: <24c1af11d506e0eca99922849cd5823c.squirrel@anubis.getmyip.com> Date: Tue, 26 May 2009 11:30:13 +0200 (CEST) From: "Sebastian Mellmann" To: freebsd-ipfw@freebsd.org User-Agent: SquirrelMail/1.4.15 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal Subject: FreeBSD 7.2 in bridge mode with net.inet.ip.fw.one_pass=0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: sebastian.mellmann@net.t-labs.tu-berlin.de List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 May 2009 09:56:10 -0000 Hi everyone! I've a FreeBSD 7.2 machine with the following kernel options compiled: device if_bridge options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT options IPFIREWALL_DEFAULT_TO_ACCEPT options DUMMYNET options HZ=1000 I'm thinking of using this machine as a bridge with ipfw dummynet rules. I've seen in this [1] thread that there might be a problem with using ipfw with the net.inet.ip.fw.one_pass=0 option in bridge mode. Is this still an issue? Regards, Sebastian [1] http://www.mavetju.org/mail/view_message.php?list=freebsd-ipfw&id=971437 From owner-freebsd-ipfw@FreeBSD.ORG Wed May 27 19:13:19 2009 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 64CA71065670 for ; Wed, 27 May 2009 19:13:19 +0000 (UTC) (envelope-from sebastian.mellmann@net.t-labs.tu-berlin.de) Received: from mail.net.t-labs.tu-berlin.de (mail.net.t-labs.tu-berlin.de [130.149.220.252]) by mx1.freebsd.org (Postfix) with ESMTP id 250458FC1F for ; Wed, 27 May 2009 19:13:18 +0000 (UTC) (envelope-from sebastian.mellmann@net.t-labs.tu-berlin.de) Received: from [192.168.1.2] (e179074043.adsl.alicedsl.de [85.179.74.43]) by mail.net.t-labs.tu-berlin.de (Postfix) with ESMTP id C9009705A75A for ; Wed, 27 May 2009 21:13:17 +0200 (CEST) Message-ID: <4A1D90D4.3@net.t-labs.tu-berlin.de> Date: Wed, 27 May 2009 21:13:24 +0200 From: Sebastian Mellmann User-Agent: Thunderbird 2.0.0.21 (Windows/20090302) MIME-Version: 1.0 To: freebsd-ipfw@freebsd.org Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: 7bit Subject: Increase maximum queue size in ipfw dummynet X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2009 19:13:19 -0000 Hi everyone! Is there any chance to increase the maximum size of the ipfw dummynet queue (maximum is 100 slots right now)? Do I've to change it in the code? If yes, where? Thanks for help in advance! Cheers, Sebastian From owner-freebsd-ipfw@FreeBSD.ORG Fri May 29 07:52:18 2009 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7E49C10656D4 for ; Fri, 29 May 2009 07:52:18 +0000 (UTC) (envelope-from sebastian.mellmann@net.t-labs.tu-berlin.de) Received: from mail.net.t-labs.tu-berlin.de (mail.net.t-labs.tu-berlin.de [130.149.220.252]) by mx1.freebsd.org (Postfix) with ESMTP id 3B61E8FC0C for ; Fri, 29 May 2009 07:52:18 +0000 (UTC) (envelope-from sebastian.mellmann@net.t-labs.tu-berlin.de) Received: from anubis.getmyip.com (anubis.getmyip.com [78.46.33.178]) by mail.net.t-labs.tu-berlin.de (Postfix) with ESMTP id 16E38701BA81; Fri, 29 May 2009 09:52:15 +0200 (CEST) Received: from 62.206.221.107 (SquirrelMail authenticated user smellmann) by anubis.getmyip.com with HTTP; Fri, 29 May 2009 09:52:17 +0200 (CEST) Message-ID: In-Reply-To: <4A1D90D4.3@net.t-labs.tu-berlin.de> References: <4A1D90D4.3@net.t-labs.tu-berlin.de> Date: Fri, 29 May 2009 09:52:17 +0200 (CEST) From: "Sebastian Mellmann" To: "Sebastian Mellmann" User-Agent: SquirrelMail/1.4.15 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal Cc: freebsd-ipfw@freebsd.org Subject: Re: Increase maximum queue size in ipfw dummynet X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: sebastian.mellmann@net.t-labs.tu-berlin.de List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2009 07:52:18 -0000 > Is there any chance to increase the maximum size of the ipfw dummynet > queue (maximum is 100 slots right now)? > Do I've to change it in the code? > If yes, where? > After searching the net I could find a thread [1] about this issue. Can someone please clarify if this is still a problem and what needs to be done to increase the queue slot size? Cheers, Sebastian [1] http://osdir.com/ml/os.freebsd.devel.ipfw/2006-10/msg00009.html