Date: Sat, 15 Aug 2015 00:48:48 +0300 From: Alexander V. Chernikov <melifaro@ipfw.ru> To: Luigi Rizzo <rizzo@iet.unipi.it>, Julian Elischer <julian@freebsd.org> Cc: Ian Smith <smithi@nimnet.asn.au>, "freebsd-ipfw@freebsd.org" <freebsd-ipfw@freebsd.org> Subject: Re: ipfw delete 100-300 Message-ID: <120111439588928@web12j.yandex.ru> In-Reply-To: <932331439479373@web29h.yandex.ru> References: <55BF368A.60004@elischer.org> <20150803234952.O17327@sola.nimnet.asn.au> <925201438613458@web7h.yandex.ru> <55BFC7A7.2000907@freebsd.org> <252361438673995@web5h.yandex.ru> <55CC1BFF.5090800@freebsd.org> <20150813233624.P8515@sola.nimnet.asn.au> <CA%2BhQ2%2Bg-kU9U1nK-EOiuoEkBF=SAaX=RBETW69K%2BNrLAcQK1Ew@mail.gmail.com> <20150814003533.I8515@sola.nimnet.asn.au> <55CCB543.20504@freebsd.org> <CA%2BhQ2%2Bi1qiE883yrSbZowg9WvtKB67TTgNp7pqT9ib60Nuri0w@mail.gmail.com> <932331439479373@web29h.yandex.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
------==--bound.12012.web12j.yandex.ru Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=koi8-r 13.08.2015, 18:22, "Alexander V. Chernikov" <melifaro@ipfw.ru>: > 13.08.2015, 18:21, "Luigi Rizzo" <rizzo@iet.unipi.it>: >> On Thu, Aug 13, 2015 at 5:18 PM, Julian Elischer <julian@freebsd.org> wrote: >>> On 8/13/15 10:41 PM, Ian Smith wrote: >>>> On Thu, 13 Aug 2015 16:30:15 +0200, Luigi Rizzo wrote: >>>> > On Thu, Aug 13, 2015 at 4:00 PM, Ian Smith <smithi@nimnet.asn.au> >>>> wrote: >>>> > > On Thu, 13 Aug 2015 12:24:31 +0800, Julian Elischer wrote: >>>> > > > BTW, any ideas as to what causes this? >>>> > > > # ipfw show >>>> > > > [...] >>>> > > > 00400 0 0 deny ip from 10.12.1.0/24 to >>>> any in recv >>>> > > > xn0 >>>> > > > 00500 0 16045693110842147038 deny ip from 204.109.63.0/25 to >>>> any in recv >>>> > > > xn1 >>>> > > > 00600 0 0 allow ip from any to any in >>>> recv xn1 >>>> > > > [...] >>>> > > > 65535 8251 16045693110842147290 deny ip from any to any >>>> > > > >>>> > > > >>>> > > > -current as of the 5th of august >>>> > > > FreeBSD vps1.elischer.org 11.0-CURRENT FreeBSD 11.0-CURRENT #1 >>>> r286304: Wed >>>> > > > Aug 5 14:31:10 PDT 2015 >>>> > > > root@vps1.elischer.org:/usr/obj/usr/src-current/sys/VPS1 i386 >>>> > > > >>>> > > > note i386, not amd64. >>>> > > >>>> > > Assuming all digits were shown, on a wild hunch: >>>> > > >>>> > > t23% echo 'scale=20; 2^64 - 16045693110842147038' | bc >>>> > > 2401050962867404578 >>>> > > t23% echo 'scale=20; 2^63 - 16045693110842147038' | bc >>>> > > -6822321073987371230 >>>> > > >>>> > >>>> > bc >>>> > obase=16 >>>> > 16045693110842147038 >>>> > DEADC0DEDEADC0DE >>>> > >>>> > so... somehow pointing in a bad place. >>>> >>>> Ah, quite so .. and rule 65535 looks like a slightly worse place. >>>> >>>> t23% echo 'obase=16; 16045693110842147290' | bc >>>> DEADC0DEDEADC1DA >>> >>> that's deadcode when it's had some packets added to it :-) >>> >>> I think our friend Mr Chernikov may have tripped up over something.. >> >> looks more like the "counter" API. The old counters were inline in the rules. > > In that case we would probably have garbage in pkts counter, too. > Anyway, I'm setting up the VM to see if this is kernel or userland problem.. This is actually counters-related problem. The attached diff should fix it. (But it looks like I'd better get a bit more counter(9) support for that case). >> cheers >> luigi >> >>>> thanks, Ian >>> >>> _______________________________________________ >>> freebsd-ipfw@freebsd.org mailing list >>> https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw >>> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" >> >> -- >> -----------------------------------------+------------------------------- >> Prof. Luigi RIZZO, rizzo@iet.unipi.it . Dip. di Ing. dell'Informazione >> http://www.iet.unipi.it/~luigi/ . Universita` di Pisa >> TEL +39-050-2217533 . via Diotisalvi 2 >> Mobile +39-338-6809875 . 56122 PISA (Italy) >> -----------------------------------------+------------------------------- ------==--bound.12012.web12j.yandex.ru Content-Disposition: attachment; filename="ipfw_cntr.diff" Content-Transfer-Encoding: base64 Content-Type: text/x-diff; name="ipfw_cntr.diff" SW5kZXg6IHN5cy9uZXRwZmlsL2lwZncvaXBfZndfcHJpdmF0ZS5oCj09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIHN5 cy9uZXRwZmlsL2lwZncvaXBfZndfcHJpdmF0ZS5oCShyZXZpc2lvbiAyODY3NzApCisrKyBzeXMv bmV0cGZpbC9pcGZ3L2lwX2Z3X3ByaXZhdGUuaAkod29ya2luZyBjb3B5KQpAQCAtMjU2LDcgKzI1 Niw3IEBAIHN0cnVjdCBpcF9mdyB7CiAJaXBmd19pbnNuCWNtZFsxXTsJCS8qIHN0b3JhZ2UgZm9y IGNvbW1hbmRzCQkqLwogfTsKIAotI2RlZmluZQlJUEZXX1JVTEVfQ05UUl9TSVpFCSgyICogc2l6 ZW9mKGNvdW50ZXJfdTY0X3QpKQorI2RlZmluZQlJUEZXX1JVTEVfQ05UUl9TSVpFCSgyICogc2l6 ZW9mKHVpbnQ2NF90KSkKIAogI2VuZGlmCiAK ------==--bound.12012.web12j.yandex.ru--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?120111439588928>