Date: Mon, 24 Feb 2014 13:51:33 -0800 (PST) From: George Amanakis <g_amanakis@yahoo.com> To: "bug-followup@FreeBSD.org" <bug-followup@FreeBSD.org>, "a.v.volobuev@gmail.com" <a.v.volobuev@gmail.com>, "andre@freebsd.org" <andre@freebsd.org>, "melifaro@FreeBSD.org" <melifaro@FreeBSD.org>, "freebsd-bugs@freebsd.org" <freebsd-bugs@freebsd.org> Subject: Re: kern/185876: ipfw not matching incoming packets decapsulating ipsec. example l2tp/ipsec Message-ID: <1393278693.34428.YahooMailNeo@web121003.mail.ne1.yahoo.com> In-Reply-To: <1393277450.77946.YahooMailNeo@web121001.mail.ne1.yahoo.com> References: <1393176921.3248.YahooMailNeo@web121006.mail.ne1.yahoo.com> <1393197488.20693.YahooMailNeo@web121004.mail.ne1.yahoo.com> <1393277450.77946.YahooMailNeo@web121001.mail.ne1.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
The problem seems to be that M_SKIP_FIREWALL (macro of M_PROTO3) is =0Aclea= red through m_clrprotoflags(), i.e. not transferred between the =0Alayers.= =0A=0AThis is a reversion of the 254519 on 10.0-STABLE:=0A=0AIndex: netinet= /ip_var.h=0A=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A--- netin= et/ip_var.h=A0=A0=A0 (revision 262459)=0A+++ netinet/ip_var.h=A0=A0=A0 (wor= king copy)=0A@@ -163,12 +163,10 @@=0A=A0#define IP_ALLOWBROADCAST=A0=A0=A0 = SO_BROADCAST=A0=A0=A0 /* 0x20 can send broadcast packets */=0A=A0=0A=A0/*= =0A- * IPv4 protocol layer specific mbuf flags.=0A+ * mbuf flag used by ip_= fastfwd=0A=A0 */=0A=A0#define=A0=A0=A0 M_FASTFWD_OURS=A0=A0=A0 =A0=A0=A0 M_= PROTO1=A0=A0=A0 /* changed dst to local */=0A=A0#define=A0=A0=A0 M_IP_NEXTH= OP=A0=A0=A0 =A0=A0=A0 M_PROTO2=A0=A0=A0 /* explicit ip nexthop */=0A-#defin= e=A0=A0=A0 M_SKIP_FIREWALL=A0=A0=A0 =A0=A0=A0 M_PROTO3=A0=A0=A0 /* skip fir= ewall processing,=0A-=A0=A0=A0 =A0=A0=A0 =A0=A0=A0 =A0=A0=A0 =A0=A0=A0 =A0= =A0=A0 =A0=A0 keep in sync with IP6 */=0A=A0#define=A0=A0=A0 M_IP_FRAG=A0= =A0=A0 =A0=A0=A0 M_PROTO4=A0=A0=A0 /* fragment reassembly */=0A=A0=0A=A0#if= def __NO_STRICT_ALIGNMENT=0AIndex: netinet6/ip6_var.h=0A=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A--- netinet6/ip6_var.h=A0=A0=A0 (revisi= on 262459)=0A+++ netinet6/ip6_var.h=A0=A0=A0 (working copy)=0A@@ -293,12 +2= 93,7 @@=0A=A0#define=A0=A0=A0 IPV6_FORWARDING=A0=A0=A0 =A0=A0=A0 0x02=A0=A0= =A0 /* most of IPv6 header exists */=0A=A0#define=A0=A0=A0 IPV6_MINMTU=A0= =A0=A0 =A0=A0=A0 0x04=A0=A0=A0 /* use minimum MTU (IPV6_USE_MIN_MTU) */=0A= =A0=0A-/*=0A- * IPv6 protocol layer specific mbuf flags.=0A- */=0A-#define= =A0=A0=A0 M_IP6_NEXTHOP=A0=A0=A0 =A0=A0=A0 M_PROTO2=A0=A0=A0 /* explicit ip= nexthop */=0A-#define=A0=A0=A0 M_SKIP_FIREWALL=A0=A0=A0 =A0=A0=A0 M_PROTO3= =A0=A0=A0 /* skip firewall processing,=0A-=A0=A0=A0 =A0=A0=A0 =A0=A0=A0 =A0= =A0=A0 =A0=A0=A0 =A0=A0=A0 =A0=A0 keep in sync with IPv4 */=0A+#define=A0= =A0=A0 M_IP6_NEXTHOP=A0=A0=A0 =A0=A0=A0 M_PROTO7=A0=A0=A0 /* explicit ip ne= xthop */=0A=A0=0A=A0#ifdef __NO_STRICT_ALIGNMENT=0A=A0#define IP6_HDR_ALIGN= ED_P(ip)=A0=A0=A0 1=0AIndex: sys/mbuf.h=0A=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=0A--- sys/mbuf.h=A0=A0=A0 (revision 262459)=0A+++ sys/mb= uf.h=A0=A0=A0 (working copy)=0A@@ -235,7 +235,7 @@=0A=A0#define=A0=A0=A0 M_= PROTO9=A0=A0=A0 0x00100000 /* protocol-specific */=0A=A0#define=A0=A0=A0 M_= PROTO10=A0=A0=A0 0x00200000 /* protocol-specific */=0A=A0#define=A0=A0=A0 M= _PROTO11=A0=A0=A0 0x00400000 /* protocol-specific */=0A-#define=A0=A0=A0 M_= PROTO12=A0=A0=A0 0x00800000 /* protocol-specific */=0A+#define=A0=A0=A0 M_S= KIP_FIREWALL=A0=A0=A0 0x00800000=0A=A0=0A=A0/*=0A=A0 * Flags to purge when = crossing layers.=0A@@ -242,13 +242,13 @@=0A=A0 */=0A=A0#define=A0=A0=A0 M_P= ROTOFLAGS \=0A=A0=A0=A0=A0 (M_PROTO1|M_PROTO2|M_PROTO3|M_PROTO4|M_PROTO5|M_= PROTO6|M_PROTO7|M_PROTO8|\=0A-=A0=A0=A0=A0 M_PROTO9|M_PROTO10|M_PROTO11|M_P= ROTO12)=0A+=A0=A0=A0=A0 M_PROTO9|M_PROTO10|M_PROTO11)=0A=0A=A0 /*=0A=A0 * F= lags preserved when copying m_pkthdr.=0A=A0 */=0A=A0#define M_COPYFLAGS \= =0A-=A0=A0=A0 (M_PKTHDR|M_EOR|M_RDONLY|M_BCAST|M_MCAST|M_VLANTAG|M_PROMISC|= \=0A+=A0=A0=A0 (M_PKTHDR|M_EOR|M_RDONLY|M_SKIP_FIREWALL|M_BCAST|M_MCAST|M_= VLANTAG|M_PROMISC| \=0A=A0=A0=A0=A0=A0 M_PROTOFLAGS)=0A=A0/*=0A@@ -255,12 += 255,12 @@=0A=A0 * Mbuf flag description for use with printf(9) %b identifie= r.=0A=A0 */=0A=A0#define=A0=A0=A0 M_FLAG_BITS \=0A-=A0=A0=A0 "\20\1M_EXT\2M= _PKTHDR\3M_EOR\4M_RDONLY\5M_BCAST\6M_MCAST" \=0A-=A0=A0=A0 "\7M_PROMISC\10M= _VLANTAG\11M_FLOWID"=0A+=A0=A0=A0 "\20\1M_EXT\2M_PKTHDR\3M_EOR\4M_RDONLY\5M= _SKIP_FIREWALL\6M_BCAST\7M_MCAST" \=0A+=A0=A0=A0 "\8M_PROMISC\10M_VLANTAG\1= 1M_FLOWID"=0A=A0#define=A0=A0=A0 M_FLAG_PROTOBITS \=0A=A0=A0=A0=A0 "\15M_PR= OTO1\16M_PROTO2\17M_PROTO3\20M_PROTO4\21M_PROTO5" \=0A=A0=A0=A0=A0 "\22M_PR= OTO6\23M_PROTO7\24M_PROTO8\25M_PROTO9\26M_PROTO10" \=0A-=A0=A0=A0 "\27M_PRO= TO11\30M_PROTO12"=0A+=A0=A0=A0 "\27M_PROTO11"=0A=A0#define=A0=A0=A0 M_FLAG_= PRINTF (M_FLAG_BITS M_FLAG_PROTOBITS)=0A=A0=0A=A0/*=0A From owner-freebsd-bugs@FreeBSD.ORG Mon Feb 24 22:09:52 2014 Return-Path: <owner-freebsd-bugs@FreeBSD.ORG> Delivered-To: freebsd-bugs@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3621A409; Mon, 24 Feb 2014 22:09:52 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 0886D1C5F; Mon, 24 Feb 2014 22:09:52 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id s1OM9prA044457; Mon, 24 Feb 2014 22:09:51 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.8/8.14.8/Submit) id s1OM9peL044456; Mon, 24 Feb 2014 22:09:51 GMT (envelope-from linimon) Date: Mon, 24 Feb 2014 22:09:51 GMT Message-Id: <201402242209.s1OM9peL044456@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-ports-bugs@FreeBSD.org From: linimon@FreeBSD.org Subject: Re: ports/187007: [maintainer update] net/tigervnc: Fix disabling VIEWER option didn't work, support stage, etc X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Bug reports <freebsd-bugs.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-bugs>, <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs/> List-Post: <mailto:freebsd-bugs@freebsd.org> List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>, <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe> X-List-Received-Date: Mon, 24 Feb 2014 22:09:52 -0000 Synopsis: [maintainer update] net/tigervnc: Fix disabling VIEWER option didn't work, support stage, etc Responsible-Changed-From-To: freebsd-bugs->freebsd-ports-bugs Responsible-Changed-By: linimon Responsible-Changed-When: Mon Feb 24 22:09:43 UTC 2014 Responsible-Changed-Why: ports PR. http://www.freebsd.org/cgi/query-pr.cgi?pr=187007
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1393278693.34428.YahooMailNeo>