Date: Thu, 13 Aug 2015 18:22:53 +0300 From: Alexander V. Chernikov <melifaro@ipfw.ru> To: Luigi Rizzo <rizzo@iet.unipi.it>, Julian Elischer <julian@freebsd.org> Cc: Ian Smith <smithi@nimnet.asn.au>, "freebsd-ipfw@freebsd.org" <freebsd-ipfw@freebsd.org> Subject: Re: ipfw delete 100-300 Message-ID: <932331439479373@web29h.yandex.ru> In-Reply-To: <CA%2BhQ2%2Bi1qiE883yrSbZowg9WvtKB67TTgNp7pqT9ib60Nuri0w@mail.gmail.com> References: <55BF368A.60004@elischer.org> <20150803234952.O17327@sola.nimnet.asn.au> <925201438613458@web7h.yandex.ru> <55BFC7A7.2000907@freebsd.org> <252361438673995@web5h.yandex.ru> <55CC1BFF.5090800@freebsd.org> <20150813233624.P8515@sola.nimnet.asn.au> <CA%2BhQ2%2Bg-kU9U1nK-EOiuoEkBF=SAaX=RBETW69K%2BNrLAcQK1Ew@mail.gmail.com> <20150814003533.I8515@sola.nimnet.asn.au> <55CCB543.20504@freebsd.org> <CA%2BhQ2%2Bi1qiE883yrSbZowg9WvtKB67TTgNp7pqT9ib60Nuri0w@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
13.08.2015, 18:21, "Luigi Rizzo" <rizzo@iet.unipi.it>: > On Thu, Aug 13, 2015 at 5:18 PM, Julian Elischer <julian@freebsd.org> wrote: >> On 8/13/15 10:41 PM, Ian Smith wrote: >>> On Thu, 13 Aug 2015 16:30:15 +0200, Luigi Rizzo wrote: >>> > On Thu, Aug 13, 2015 at 4:00 PM, Ian Smith <smithi@nimnet.asn.au> >>> wrote: >>> > > On Thu, 13 Aug 2015 12:24:31 +0800, Julian Elischer wrote: >>> > > > BTW, any ideas as to what causes this? >>> > > > # ipfw show >>> > > > [...] >>> > > > 00400 0 0 deny ip from 10.12.1.0/24 to >>> any in recv >>> > > > xn0 >>> > > > 00500 0 16045693110842147038 deny ip from 204.109.63.0/25 to >>> any in recv >>> > > > xn1 >>> > > > 00600 0 0 allow ip from any to any in >>> recv xn1 >>> > > > [...] >>> > > > 65535 8251 16045693110842147290 deny ip from any to any >>> > > > >>> > > > >>> > > > -current as of the 5th of august >>> > > > FreeBSD vps1.elischer.org 11.0-CURRENT FreeBSD 11.0-CURRENT #1 >>> r286304: Wed >>> > > > Aug 5 14:31:10 PDT 2015 >>> > > > root@vps1.elischer.org:/usr/obj/usr/src-current/sys/VPS1 i386 >>> > > > >>> > > > note i386, not amd64. >>> > > >>> > > Assuming all digits were shown, on a wild hunch: >>> > > >>> > > t23% echo 'scale=20; 2^64 - 16045693110842147038' | bc >>> > > 2401050962867404578 >>> > > t23% echo 'scale=20; 2^63 - 16045693110842147038' | bc >>> > > -6822321073987371230 >>> > > >>> > >>> > bc >>> > obase=16 >>> > 16045693110842147038 >>> > DEADC0DEDEADC0DE >>> > >>> > so... somehow pointing in a bad place. >>> >>> Ah, quite so .. and rule 65535 looks like a slightly worse place. >>> >>> t23% echo 'obase=16; 16045693110842147290' | bc >>> DEADC0DEDEADC1DA >> >> that's deadcode when it's had some packets added to it :-) >> >> I think our friend Mr Chernikov may have tripped up over something.. > > looks more like the "counter" API. The old counters were inline in the rules. In that case we would probably have garbage in pkts counter, too. Anyway, I'm setting up the VM to see if this is kernel or userland problem.. > > cheers > luigi > >>> thanks, Ian >> >> _______________________________________________ >> freebsd-ipfw@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw >> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" > > -- > -----------------------------------------+------------------------------- > Prof. Luigi RIZZO, rizzo@iet.unipi.it . Dip. di Ing. dell'Informazione > http://www.iet.unipi.it/~luigi/ . Universita` di Pisa > TEL +39-050-2217533 . via Diotisalvi 2 > Mobile +39-338-6809875 . 56122 PISA (Italy) > -----------------------------------------+-------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?932331439479373>