From owner-freebsd-pf@FreeBSD.ORG Mon Sep 28 11:07:01 2009 Return-Path: Delivered-To: freebsd-pf@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 186F0106568F for ; Mon, 28 Sep 2009 11:07:01 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id F05008FC20 for ; Mon, 28 Sep 2009 11:07:00 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n8SB70vH064112 for ; Mon, 28 Sep 2009 11:07:00 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n8SB703C064108 for freebsd-pf@FreeBSD.org; Mon, 28 Sep 2009 11:07:00 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 28 Sep 2009 11:07:00 GMT Message-Id: <200909281107.n8SB703C064108@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-pf@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-pf@FreeBSD.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Sep 2009 11:07:01 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/137982 pf [pf] when pf can hit state limits, random IP failures o kern/136781 pf [pf] Packets appear to drop with pf scrub and if_bridg o kern/135948 pf [pf] [gre] pf not natting gre protocol o kern/135162 pf [pfsync] pfsync(4) not usable with GENERIC kernel o kern/134996 pf [pf] Anchor tables not included when pfctl(8) is run w o kern/133732 pf [pf] max-src-conn issue o kern/132769 pf [pf] [lor] 2 LOR's with pf task mtx / ifnet and rtent f kern/132176 pf [pf] pf stalls connection when using route-to [regress o conf/130381 pf [rc.d] [pf] [ip6] ipv6 not fully configured when pf st o kern/129861 pf [pf] [patch] Argument names reversed in pf_table.c:_co o kern/127920 pf [pf] ipv6 and synproxy don't play well together o conf/127814 pf [pf] The flush in pf_reload in /etc/rc.d/pf does not w o kern/127439 pf [pf] deadlock in pf f kern/127345 pf [pf] Problem with PF on FreeBSD7.0 [regression] o kern/127121 pf [pf] [patch] pf incorrect log priority o kern/127042 pf [pf] [patch] pf recursion panic if interface group is o kern/125467 pf [pf] pf keep state bug while handling sessions between s kern/124933 pf [pf] [ip6] pf does not support (drops) IPv6 fragmented o kern/124364 pf [pf] [panic] Kernel panic with pf + bridge o kern/122773 pf [pf] pf doesn't log uid or pid when configured to o kern/122014 pf [pf] [panic] FreeBSD 6.2 panic in pf o kern/121704 pf [pf] PF mangles loopback packets o kern/120281 pf [pf] [request] lost returning packets to PF for a rdr o kern/120057 pf [pf] [patch] Allow proper settings of ALTQ_HFSC. The c o bin/118355 pf [pf] [patch] pfctl(8) help message options order false o kern/114567 pf [pf] [lor] pf_ioctl.c + if.c o kern/114095 pf [carp] carp+pf delay with high state limit o kern/111220 pf [pf] repeatable hangs while manipulating pf tables s conf/110838 pf [pf] tagged parameter on nat not working on FreeBSD 5. o kern/103283 pf pfsync fails to sucessfully transfer some sessions o kern/103281 pf pfsync reports bulk update failures o kern/93825 pf [pf] pf reply-to doesn't work o sparc/93530 pf [pf] Incorrect checksums when using pf's route-to on s o kern/92949 pf [pf] PF + ALTQ problems with latency o bin/86635 pf [patch] pfctl(8): allow new page character (^L) in pf. o kern/82271 pf [pf] cbq scheduler cause bad latency 36 problems total. From owner-freebsd-pf@FreeBSD.ORG Thu Oct 1 07:22:12 2009 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2D1A81065672 for ; Thu, 1 Oct 2009 07:22:12 +0000 (UTC) (envelope-from voovoos-fpf@killfile.pl) Received: from mailhub.media4u.pl (mailhub.media4u.pl [194.79.24.10]) by mx1.freebsd.org (Postfix) with ESMTP id E1E498FC15 for ; Thu, 1 Oct 2009 07:22:11 +0000 (UTC) Received: from mail.media4u.pl ([194.79.24.11]:63226) by mailhub.media4u.pl with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1MtFkT-000HTL-CF for freebsd-pf@freebsd.org; Thu, 01 Oct 2009 09:06:45 +0200 Received: from voovoos by mail.media4u.pl with local (Exim 4.63) (envelope-from ) id 1MtFkP-000L8g-Kt for freebsd-pf@freebsd.org; Thu, 01 Oct 2009 09:06:41 +0200 Date: Thu, 1 Oct 2009 09:06:41 +0200 From: Maciej Wierzbicki To: freebsd-pf@freebsd.org Message-ID: <20091001070641.GA78518@mail.media4u.pl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.2i Subject: [FreeBSD 7.2] snmp_pf.so X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Oct 2009 07:22:12 -0000 Hi I am running bsnmpd using the default configuration from /etc/snmpd.config with pf module (theoreticaly) loaded: # # pf(4) module # begemotSnmpdModulePath."pf" = "/usr/lib/snmp_pf.so" As far as I understand, with this module loaded I should have in mib tree pf-related oids, as described in /usr/share/snmp/defs/pf_tree.def But when I am using bsnmpwalk to search them, no hits: # bsnmpwalk | grep ^pf # Oids from mibII_tree.def are available, as mibII is loaded as default, so I assume that my bsnmpd is not including snmp_pf.so somehow. What I am missing? TIA -- | /"\ ASCII ribbon | Maciej Wierzbicki | | \ / campaign against | VOO1-RIPE | | X HTML in email | At paranoia's poison door | | / \ and news | A suspicious mind is a healthy mind. | From owner-freebsd-pf@FreeBSD.ORG Thu Oct 1 10:16:57 2009 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B8DAB1065693 for ; Thu, 1 Oct 2009 10:16:57 +0000 (UTC) (envelope-from loki.fab@gmail.com) Received: from mail-yw0-f179.google.com (mail-yw0-f179.google.com [209.85.211.179]) by mx1.freebsd.org (Postfix) with ESMTP id 551C08FC08 for ; Thu, 1 Oct 2009 10:16:57 +0000 (UTC) Received: by ywh9 with SMTP id 9so7115842ywh.19 for ; Thu, 01 Oct 2009 03:16:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=+4RFA/+Jvn/o/hxnKmZAgnJOFBBS7ZsM0FsUxZjb2LQ=; b=N6jmBd3v2ReejfnsNgfnt7XGA4Mg5YzJgpKgEV5vyFj8HL1bh6Mc/dxU52ielO09Tv IbKIoVQk2alUJ2OUXAysyPWbPo0UDoMxg6hZt6OzHGm4r9RhZOAJ/cnMet/09sWAblIL w6IEPGOPTRcuYmJweDhR+wSv5qKkmg+SzZHnY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=mSqrRyOex3Mw76Hmy5Zli3RaxVBOA1AM/flcn+N/cBh68GBLrlP8QULWm0JdtlNOUq aZwqlioVtDnW3rOcmyYLsv9i82asEfFW7rqXN//j6Eo2ipi+a1+TNf6eapEN3huKEgeZ E1aw1rkWssb+8AeIy/mFcMMuarQ2RZhG6hVmI= MIME-Version: 1.0 Received: by 10.90.149.6 with SMTP id w6mr590203agd.90.1254390330100; Thu, 01 Oct 2009 02:45:30 -0700 (PDT) In-Reply-To: <20091001070641.GA78518@mail.media4u.pl> References: <20091001070641.GA78518@mail.media4u.pl> Date: Thu, 1 Oct 2009 17:45:30 +0800 Message-ID: <4b4a8f2b0910010245u2a02b1c9nae6e5645f583f2cd@mail.gmail.com> From: Ondoy To: Maciej Wierzbicki Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-pf@freebsd.org Subject: Re: [FreeBSD 7.2] snmp_pf.so X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Oct 2009 10:16:57 -0000 without specifying OID, it only walks the mib-2 subtree. try # bsnmpwalk fokus the objects under 1.3.6.1.4.1.12325.1.200 are the pf stuff. regards, On Thu, Oct 1, 2009 at 3:06 PM, Maciej Wierzbicki wrote: > Hi > > I am running bsnmpd using the default configuration from > /etc/snmpd.config with pf module (theoreticaly) loaded: > > # > # pf(4) module > # > begemotSnmpdModulePath."pf" =A0 =A0 =3D "/usr/lib/snmp_pf.so" > > As far as I understand, with this module loaded I should have in mib > tree pf-related oids, as described in /usr/share/snmp/defs/pf_tree.def > > But when I am using bsnmpwalk to search them, no hits: > # bsnmpwalk | grep ^pf > # > > Oids from mibII_tree.def are available, as mibII is loaded as default, > so I assume that my bsnmpd is not including snmp_pf.so somehow. What I > am missing? > > TIA > -- > | =A0/"\ =A0 ASCII ribbon =A0 =A0| =A0 =A0 =A0 =A0 =A0 =A0Maciej Wierzbic= ki =A0 =A0 =A0 =A0 =A0 | > | =A0\ / campaign against =A0| =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0VOO1-RIPE = =A0 =A0 =A0 =A0 =A0 =A0 =A0 | > | =A0 X =A0 =A0HTML in email =A0 | =A0 =A0 =A0 =A0At paranoia's poison do= or =A0 =A0 =A0 | > | =A0/ \ =A0 =A0 and news =A0 =A0 =A0| =A0A suspicious mind is a healthy = mind. =A0| > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > From owner-freebsd-pf@FreeBSD.ORG Thu Oct 1 10:49:05 2009 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C7702106566B for ; Thu, 1 Oct 2009 10:49:05 +0000 (UTC) (envelope-from voovoos-fpf@killfile.pl) Received: from mailhub.media4u.pl (mailhub.media4u.pl [194.79.24.10]) by mx1.freebsd.org (Postfix) with ESMTP id 839B98FC1C for ; Thu, 1 Oct 2009 10:49:05 +0000 (UTC) Received: from mail.media4u.pl ([194.79.24.11]:60688) by mailhub.media4u.pl with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1MtJDc-000AqM-Al for freebsd-pf@freebsd.org; Thu, 01 Oct 2009 12:49:04 +0200 Received: from gw.media4u.net.pl ([194.79.25.15]:52903 helo=[192.168.9.33]) by mail.media4u.pl with esmtpa (Exim 4.63) (envelope-from ) id 1MtJDY-00010v-Gd for freebsd-pf@freebsd.org; Thu, 01 Oct 2009 12:49:00 +0200 Message-ID: <4AC4891C.4090403@killfile.pl> Date: Thu, 01 Oct 2009 12:49:00 +0200 From: Maciej Wierzbicki Organization: =?UTF-8?B?xbt5amVteSB3IEtyYWp1IEN1ZG93bnljaCBNZXRhZm9y?= User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 To: freebsd-pf@freebsd.org References: <20091001070641.GA78518@mail.media4u.pl> <4b4a8f2b0910010245u2a02b1c9nae6e5645f583f2cd@mail.gmail.com> In-Reply-To: <4b4a8f2b0910010245u2a02b1c9nae6e5645f583f2cd@mail.gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [FreeBSD 7.2] snmp_pf.so X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Oct 2009 10:49:05 -0000 Ondoy wrote on 2009-10-01 11:45: > without specifying OID, it only walks the mib-2 subtree. > try > # bsnmpwalk fokus > the objects under 1.3.6.1.4.1.12325.1.200 are the pf stuff. Indeed, thanks. But then I have another question. bsnmpwalk parses some of pf oids and then returns an error: Agent localhost:snmp returned error 1.3.6.1.4.1.12325.1.200.1.9.2.1.20.1 caused error - General error Its pfTablesTblPktsOutXPass in pfTables, I believe. That error is a known issue or I am missing something again? PS also, is it possible to count traffic on interface using snmp per ip address bound to it (not per whole interface)? PPS maybe I should address this discussion to freebsd-net instead? -- * Maciej Wierzbicki * At paranoia's poison door * * VOO1-RIPE * From owner-freebsd-pf@FreeBSD.ORG Thu Oct 1 13:35:31 2009 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CA3EC1065695 for ; Thu, 1 Oct 2009 13:35:31 +0000 (UTC) (envelope-from shteryana@gmail.com) Received: from mail-ew0-f208.google.com (mail-ew0-f208.google.com [209.85.219.208]) by mx1.freebsd.org (Postfix) with ESMTP id 61AD18FC1A for ; Thu, 1 Oct 2009 13:35:30 +0000 (UTC) Received: by ewy4 with SMTP id 4so163838ewy.7 for ; Thu, 01 Oct 2009 06:35:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=bR80Gkh0N88cziCLTZA210zyfSyZfFTgtwpgYWzaqS8=; b=t9JoCtzT6qF4libvNLR0/XgY410jUdEUrJDRq23NWi1qYA9nC7WgbDIG6t4zEu1fBZ h6W/2tBz3T8d6Rk0r0OhYjeBS/UkeraPoV/h7toeu122fvAGS8D1ye7a7djpGhqifEoi ONj4XGa22/6Bm2jcJ9t5NBOVs/yQsNVOBweTA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=bJOW/XGrxPSm8XrhyjwzNNKrb7J5qtbOnE5itSmxzmMvs/59HY+cHOiLVRgGnzWDgg cQANyDwDloPRhfzVGoelNjStyhlGBY8GTSzQhSKiNx+WdFcJde0Q24O9cd6fKevzkrBq pZ1H5lNlTRTzw5+XeAwbOqQrY+ime+InJDcQA= MIME-Version: 1.0 Received: by 10.211.147.26 with SMTP id z26mr7649494ebn.73.1254402365237; Thu, 01 Oct 2009 06:06:05 -0700 (PDT) In-Reply-To: <4AC4891C.4090403@killfile.pl> References: <20091001070641.GA78518@mail.media4u.pl> <4b4a8f2b0910010245u2a02b1c9nae6e5645f583f2cd@mail.gmail.com> <4AC4891C.4090403@killfile.pl> Date: Thu, 1 Oct 2009 16:06:05 +0300 Message-ID: <61b573980910010606o575eb28cu7b28ba01992cbdcd@mail.gmail.com> From: Shteryana Shopova To: Maciej Wierzbicki Content-Type: text/plain; charset=UTF-8 Cc: freebsd-pf@freebsd.org Subject: Re: [FreeBSD 7.2] snmp_pf.so X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Oct 2009 13:35:31 -0000 Hi, 2009/10/1 Maciej Wierzbicki : > Ondoy wrote on 2009-10-01 11:45: > >> without specifying OID, it only walks the mib-2 subtree. >> try >> # bsnmpwalk fokus >> the objects under 1.3.6.1.4.1.12325.1.200 are the pf stuff. > > Indeed, thanks. > > But then I have another question. bsnmpwalk parses some of pf oids and then > returns an error: > Agent localhost:snmp returned error > 1.3.6.1.4.1.12325.1.200.1.9.2.1.20.1 caused error - General error > bsnmpwalk -i /usr/share/snmp/defs/pf_tree.def begemotPf By default only the mibII_tree.def and tree.def OID to strings are parsed - you have to tell bsnmpwalk to parse the begemotPf OIDs explicitly . > Its pfTablesTblPktsOutXPass in pfTables, I believe. That error is a known > issue or I am missing something again? > http://people.freebsd.org/~syrinx/snmp/pf_snmp.c-01102009-01.diff - this should fix the error. > PS also, is it possible to count traffic on interface using snmp per ip > address bound to it (not per whole interface)? Hm, I think this should be supposedly done by fetching pfTablesAddrTable, but currently it does not return any data...I am not sure when I will have time to look at this, but of course everyone is more than wellcome to submit a patch :) > PPS maybe I should address this discussion to freebsd-net instead? > -- cheers, Shteryana From owner-freebsd-pf@FreeBSD.ORG Thu Oct 1 13:41:37 2009 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1F091106568B for ; Thu, 1 Oct 2009 13:41:37 +0000 (UTC) (envelope-from roberto@keltia.freenix.fr) Received: from keltia.freenix.fr (keltia.freenix.org [IPv6:2001:660:330f:f820:213:72ff:fe15:f44]) by mx1.freebsd.org (Postfix) with ESMTP id C7CAA8FC1D for ; Thu, 1 Oct 2009 13:41:36 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by keltia.freenix.fr (Postfix/TLS) with ESMTP id F018039F9D for ; Thu, 1 Oct 2009 15:41:35 +0200 (CEST) X-Virus-Scanned: amavisd-new at keltia.freenix.fr Received: from keltia.freenix.fr ([127.0.0.1]) by localhost (keltia.freenix.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B5dy2pYXDT1c for ; Thu, 1 Oct 2009 15:41:35 +0200 (CEST) Received: from rron.freenix.org (unknown [IPv6:2001:660:330f:f820:21b:63ff:fec4:43fc]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: roberto) by keltia.freenix.fr (Postfix/TLS) with ESMTPSA id 5BB7C39E17 for ; Thu, 1 Oct 2009 15:41:35 +0200 (CEST) Date: Thu, 1 Oct 2009 15:41:34 +0200 From: Ollivier Robert To: freebsd-pf@freebsd.org Message-ID: <20091001134134.GD1539@rron.freenix.org> References: <200908230132343.SM01728@W500.Go2France.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200908230132343.SM01728@W500.Go2France.com> X-Operating-System: MacOS X / Macbook Pro - FreeBSD 7.2 / Dell D820 SMP User-Agent: Mutt/1.5.20 (2009-06-14) Subject: Re: something like bruteblock for pf? X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Oct 2009 13:41:37 -0000 According to Len Conrad: > Anybody know of anything similar for pf? postdandee does such manipulations for Postfix and you can configure it to add/remove pf rules for each address. http://traveler.com.br/blogs/ze/postdandee/ ----- ... my $BLOCKHOSTCOMMAND = 'pfctl -qt blackhole -Tadd $offendingHost 2>\&1 > /dev/null'; my $RELEASEHOSTCOMMAND = 'pfctl -qt blackhole -Tdelete $offendingHost 2>\&1 > /dev/null'; # $ROUTECHECKCOMMAND : # the command you'd like to use when checking for existing routes # postdandee will not try to add a route over an existing one my $ROUTECHECKCOMMAND = 'pfctl -qt blackhole -Tshow'; ... ----- -- Ollivier ROBERT -=- FreeBSD: The Power to Serve! -=- roberto@keltia.freenix.fr In memoriam to Ondine : http://ondine.keltia.net/ From owner-freebsd-pf@FreeBSD.ORG Fri Oct 2 06:59:08 2009 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 26100106566B for ; Fri, 2 Oct 2009 06:59:08 +0000 (UTC) (envelope-from voovoos-fpf@killfile.pl) Received: from mailhub.media4u.pl (mailhub.media4u.pl [194.79.24.10]) by mx1.freebsd.org (Postfix) with ESMTP id D4C9F8FC1D for ; Fri, 2 Oct 2009 06:59:07 +0000 (UTC) Received: from mail.media4u.pl ([194.79.24.11]:65093) by mailhub.media4u.pl with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Mtc6c-0000qx-5j; Fri, 02 Oct 2009 08:59:06 +0200 Received: from gw.media4u.net.pl ([194.79.25.15]:54852 helo=[192.168.9.33]) by mail.media4u.pl with esmtpa (Exim 4.63) (envelope-from ) id 1Mtc6Y-0000mw-AV; Fri, 02 Oct 2009 08:59:02 +0200 Message-ID: <4AC5A4B1.9080103@killfile.pl> Date: Fri, 02 Oct 2009 08:58:57 +0200 From: Maciej Wierzbicki Organization: =?UTF-8?B?xbt5amVteSB3IEtyYWp1IEN1ZG93bnljaCBNZXRhZm9y?= User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 To: freebsd-pf@freebsd.org References: <20091001070641.GA78518@mail.media4u.pl> <4b4a8f2b0910010245u2a02b1c9nae6e5645f583f2cd@mail.gmail.com> <4AC4891C.4090403@killfile.pl> <61b573980910010606o575eb28cu7b28ba01992cbdcd@mail.gmail.com> In-Reply-To: <61b573980910010606o575eb28cu7b28ba01992cbdcd@mail.gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: Re: [FreeBSD 7.2] snmp_pf.so X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Oct 2009 06:59:08 -0000 Shteryana Shopova wrote on 2009-10-01 15:06: > http://people.freebsd.org/~syrinx/snmp/pf_snmp.c-01102009-01.diff - > this should fix the error. It does, but then it produces infinite amount of 1.3.6.1.4.1.12325.1.200.1.10.2.1.2 without values, so I must break bsnmpwalk by hand: [...] pfTablesTblPktsOutBlock[1] = 0 pfTablesTblPktsOutXPass[1] = 0 pfAltqQueueNumber.0 = 0 1.3.6.1.4.1.12325.1.200.1.10.2.1.2 = 1.3.6.1.4.1.12325.1.200.1.10.2.1.2 = [tons of 1.3.6.1.4.1.12325.1.200.1.10.2.1.2 =] > Hm, I think this should be supposedly done by fetching > pfTablesAddrTable, but currently it does not return any data...I am > not sure when I will have time to look at this, but of course everyone > is more than wellcome to submit a patch :) Can you give a tip to which files I should look into? -- * Maciej Wierzbicki * At paranoia's poison door * * VOO1-RIPE * From owner-freebsd-pf@FreeBSD.ORG Sat Oct 3 19:51:37 2009 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 05DA7106566B for ; Sat, 3 Oct 2009 19:51:37 +0000 (UTC) (envelope-from luizgustavo@luizgustavo.pro.br) Received: from mail-bw0-f227.google.com (mail-bw0-f227.google.com [209.85.218.227]) by mx1.freebsd.org (Postfix) with ESMTP id 9556E8FC13 for ; Sat, 3 Oct 2009 19:51:36 +0000 (UTC) Received: by bwz27 with SMTP id 27so1627479bwz.43 for ; Sat, 03 Oct 2009 12:51:35 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.14.22 with SMTP id e22mr1418697faa.42.1254598147970; Sat, 03 Oct 2009 12:29:07 -0700 (PDT) In-Reply-To: <772ca7d0909241942n5ce78cc9sd9855bdd4c1e9c26@mail.gmail.com> References: <772ca7d0909241942n5ce78cc9sd9855bdd4c1e9c26@mail.gmail.com> Date: Sat, 3 Oct 2009 16:29:07 -0300 Message-ID: <772ca7d0910031229w6c395db3x7cde66029ec6c5cf@mail.gmail.com> From: "Luiz Gustavo S. Costa" To: freebsd-pf@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Subject: Fwd: altq over vlan: patch exists ? X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Oct 2009 19:51:37 -0000 ---------- Forwarded message ---------- From: Luiz Gustavo S. Costa Date: 2009/9/24 Subject: altq over vlan: patch exists ? To: freebsd-hackers@freebsd.org Hi guys, The configuration Altq on one interface VLAN is working on OpenBSD and DragonFlyBSD, but FreeBSD no ! exists any patch for this ? or .. why no working ? any reason ? thanx -- Luiz Gustavo Costa (Powered by BSD) *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ mundoUnix - Consultoria em Software Livre http://www.mundounix.com.br ICQ: 2890831 / MSN: contato@mundounix.com.br -- Luiz Gustavo Costa (Powered by BSD) *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+ mundoUnix - Consultoria em Software Livre http://www.mundounix.com.br ICQ: 2890831 / MSN: contato@mundounix.com.br Blog: http://www.luizgustavo.pro.br From owner-freebsd-pf@FreeBSD.ORG Sat Oct 3 20:02:01 2009 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4BD521065676 for ; Sat, 3 Oct 2009 20:02:01 +0000 (UTC) (envelope-from sullrich@gmail.com) Received: from mail-ew0-f209.google.com (mail-ew0-f209.google.com [209.85.219.209]) by mx1.freebsd.org (Postfix) with ESMTP id C1C368FC13 for ; Sat, 3 Oct 2009 20:02:00 +0000 (UTC) Received: by ewy5 with SMTP id 5so1096986ewy.36 for ; Sat, 03 Oct 2009 13:02:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :from:date:message-id:subject:to:cc:content-type; bh=Mzm0Rdcny85xgmGw3wepjRiENTxPquGZ7Xo0ccL9aGk=; b=aVKhPFJ1pzpJQ8MBUWc+hy1ieswzUMGoafondiFbk/fVg1mio87IiPeA20tgJWzYDr +2gDmS+kGKNOywBeeTM9H1A66C4jIrm9KYBtBaa9uuqL1N5tBm+eAviLYx0Xl+BwhxB5 y8HgWgMkaeyA6mmVyFg49LraMmxXCvdKWv9+4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; b=OH8nPyD318m6eLUeZWu8JFkK5RM/Dr4ytSXVT3vwEOGapRU6jJMmeL5kZuiiPixPnv 1GrkgU7w5nkjlmMiMWHqZE1jory7jWV47huKnmTs7SbX7j1rCP6+j9FevJLhosY3I5yg vRn1RRaHo5r6zY1IEO/EgoSaW8OK2k1504zbc= MIME-Version: 1.0 Received: by 10.211.154.18 with SMTP id g18mr1274338ebo.65.1254600119186; Sat, 03 Oct 2009 13:01:59 -0700 (PDT) In-Reply-To: <772ca7d0910031229w6c395db3x7cde66029ec6c5cf@mail.gmail.com> References: <772ca7d0909241942n5ce78cc9sd9855bdd4c1e9c26@mail.gmail.com> <772ca7d0910031229w6c395db3x7cde66029ec6c5cf@mail.gmail.com> From: Scott Ullrich Date: Sat, 3 Oct 2009 16:01:39 -0400 Message-ID: To: "Luiz Gustavo S. Costa" Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-pf@freebsd.org Subject: Re: altq over vlan: patch exists ? X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Oct 2009 20:02:01 -0000 On Sat, Oct 3, 2009 at 3:29 PM, Luiz Gustavo S. Costa wrote: > Hi guys, > > The configuration Altq on one interface VLAN is working on OpenBSD and > DragonFlyBSD, but FreeBSD no ! > > exists any patch for this ? or .. why no working ? any reason ? http://cvs.pfsense.org/~sullrich/altq_if_vlan.c.diff But this assumes you know why you want to use this. Max has spoken on this topic quite a bit in the archives. Scott