From owner-freebsd-ipfw@freebsd.org Sun May 6 21:00:09 2018 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 733F3FC65AD for ; Sun, 6 May 2018 21:00:09 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 08E747B20D for ; Sun, 6 May 2018 21:00:09 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: by mailman.ysv.freebsd.org (Postfix) id BEA55FC65A9; Sun, 6 May 2018 21:00:08 +0000 (UTC) Delivered-To: ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AC3D3FC65A8 for ; Sun, 6 May 2018 21:00:08 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4C81B7B208 for ; Sun, 6 May 2018 21:00:08 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 899EF7C85 for ; Sun, 6 May 2018 21:00:07 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w46L07Iq061843 for ; Sun, 6 May 2018 21:00:07 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w46L07FA061842 for ipfw@FreeBSD.org; Sun, 6 May 2018 21:00:07 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <201805062100.w46L07FA061842@kenobi.freebsd.org> X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@FreeBSD.org using -f From: bugzilla-noreply@FreeBSD.org To: ipfw@FreeBSD.org Subject: Problem reports for ipfw@FreeBSD.org that need special attention Date: Sun, 6 May 2018 21:00:07 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 May 2018 21:00:09 -0000 To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- New | 215875 | [ipfw] ipfw lookup tables do not support mbuf_tag 1 problems total for which you should take action. From owner-freebsd-ipfw@freebsd.org Mon May 7 10:20:15 2018 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 35B61FAD3BB for ; Mon, 7 May 2018 10:20:15 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id BD1537EB3E for ; Mon, 7 May 2018 10:20:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 7C74BFAD3B8; Mon, 7 May 2018 10:20:14 +0000 (UTC) Delivered-To: ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 68B09FAD3B7 for ; Mon, 7 May 2018 10:20:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 01DB27EB3A for ; Mon, 7 May 2018 10:20:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 4669316D35 for ; Mon, 7 May 2018 10:20:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w47AKDHX052703 for ; Mon, 7 May 2018 10:20:13 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w47AKDP3052702 for ipfw@FreeBSD.org; Mon, 7 May 2018 10:20:13 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ipfw@FreeBSD.org Subject: [Bug 227674] [ipfw] [ipv6] ICMPv6 echo replies incorrectly matched by kernel ipfw Date: Mon, 07 May 2018 10:20:13 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.1-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: ae@FreeBSD.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ae@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 May 2018 10:20:15 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D227674 --- Comment #6 from Andrey V. Elsukov --- (In reply to Eugene Grosbein from comment #5) > (In reply to Andrey V. Elsukov from comment #1) >=20 > Have you any plans to merge this to stable/10 ? If you are able to test it on stable/10, feel free to commit it. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-ipfw@freebsd.org Wed May 9 20:43:50 2018 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 42E05FCBB1A for ; Wed, 9 May 2018 20:43:50 +0000 (UTC) (envelope-from dkandula@gmail.com) Received: from mail-lf0-x234.google.com (mail-lf0-x234.google.com [IPv6:2a00:1450:4010:c07::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AD4B8687EE for ; Wed, 9 May 2018 20:43:49 +0000 (UTC) (envelope-from dkandula@gmail.com) Received: by mail-lf0-x234.google.com with SMTP id r25-v6so9105163lfd.1 for ; Wed, 09 May 2018 13:43:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=3qolsb5gjbIhSyCgHqxCiok4LSx7dv8+VbEBfaUFrl8=; b=I7bRe/vYp4Ee4g031jl8+/XaebmyAPNiQWCixlpK/2svNkbZBcM9v/2joWg3LTaX74 bYs6iBqiSlpKgGj16Oa5j5KEIMhsK2Pgoe4uC3nHiUN970IN8qLMEJMq0vl8bigclSry LbQEMUyxZ3VJE0COXpA1pKtEL/l+u79tEA7JaccHuM/opG97HmqW9eHWNaLb0haQhZ+b szJRj0hQq5i24dteJfFmoi8Wq+zqWwbXYOkwFLiT//iA/JP4TsQR+7QFh/e9yL3SVisu 5+OrESgISZTsqauvJrGF1+1PxbgGfgk8iIsTckK3rb7AyOkE9oCH77FYRcbpV0Ee9HXr s0Fw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=3qolsb5gjbIhSyCgHqxCiok4LSx7dv8+VbEBfaUFrl8=; b=a+AZ+GL3EQEmLoH286GDIIF2TNeGBPBCvxdDXJyh0JU4rXIJ7HgH2Ef8iCdVpiMPM9 DLzi+IzUwiXcd4nEx4gozE5dxAQZ29g3mS06VNh9qr01qcUEy0pJo57mYLXpjLZPYXWM SMz+IXU+P6PrJ6aNw9ZU+xmf4vDLIVR7jKfg4suc8L34OWGS1OSrub62vSAf83xtZrUS Qwudj2xSU6VoPMNOHMzQpccd5T3lfGHN18dqgGhL0KNFlLwo7kWF2x6tRaJLq8nLEleY KfFFN3/W7NpNZRQ+tVJOakOUZyUPbGzq2BCj4KvhSV+9kmm8ORrtEcuC72Pq2wvFXCu1 cj9w== X-Gm-Message-State: ALKqPwfggv0LJZOQD54sJtW8FZ5+DliYDAvBENJDn6+i9FmCJsL1My1O VlJfOH01yUahlNurJ45AizijWCsbRTMhuR34eAk= X-Google-Smtp-Source: AB8JxZqfGJ6Qhh1M3lR+PosbhogQFF9m7G/HGsgLdVCq9ZJuBPfaUwk1CMQAu4v6xOYsVxy1IQvKsTQ/Q3Vn4Sf982c= X-Received: by 2002:a19:53d1:: with SMTP id h78-v6mr7113494lfl.70.1525898627992; Wed, 09 May 2018 13:43:47 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a19:4e9a:0:0:0:0:0 with HTTP; Wed, 9 May 2018 13:43:47 -0700 (PDT) From: Dheeraj Kandula Date: Wed, 9 May 2018 16:43:47 -0400 Message-ID: Subject: Dynamic Ipfw and vnet deletion To: freebsd-ipfw@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 May 2018 20:43:50 -0000 Hi All, When a vnet is deleted, I see that the function vnet_ipfw_uninit is invoked which invokes uma_zdestroy to destroy the zone. When dynamic firewall rules are added, the function add_dyn_rule allocates memory from the ip fw zone using the function uma_zalloc. However the expired dynamic rules are deleted in a timer i.e. via the function check_dyn_rules which is executed periodically whenever the timer fires. Is it possible that when the vnet is being deleted, the cleanup of expired firewall dynamic rules isn't done and the memory is not freed up as the timer has not fired yet. If this is possible then we have a memory leak. Isn't it? Dheeraj