From owner-freebsd-ipfw@freebsd.org Sun Feb 26 19:03:21 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 21296CEE0C3 for ; Sun, 26 Feb 2017 19:03:21 +0000 (UTC) (envelope-from www-data@txd5.teixido.co) Received: from teixidohq.com (txd5.teixido.co [45.56.113.84]) by mx1.freebsd.org (Postfix) with ESMTP id 08EC4D2A for ; Sun, 26 Feb 2017 19:03:20 +0000 (UTC) (envelope-from www-data@txd5.teixido.co) Received: by teixidohq.com (Postfix, from userid 33) id C14469F89; Sun, 26 Feb 2017 16:03:19 -0300 (PYST) Date: Sun, 26 Feb 2017 16:03:19 -0300 To: freebsd-ipfw@freebsd.org From: =?UTF-8?Q?David_Morris?= Subject: =?UTF-8?Q?Business_Opportunity_For_Both_Families=2e?= Message-ID: <8d08627fcfda6b89fd634facae099a47@somosgay.org> X-Priority: 3 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="us-ascii" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Feb 2017 19:03:21 -0000 My Dear Friend, I am David Morris , Managing Director of Global Financier Ltd in USA / Cana= da .I write you this proposal in good faith hoping that I will rely on you = in a business transaction that require absolute confidentiality and of grea= t interest and benefit to our both families. In 2009,one Mr. Weimin Fred Ahmed an Emirati Citizen, made a fixed deposit = for 36 months, valued at $8,500,000.00 with my bank. I was his account offi= cer before I rose to the position of Managing Director. The maturity date f= or this deposit contract was 27th of September 2011.Sadly Mr. Weimin Fred A= hmed among the death victims in the September 2009 earthquake in Indonesia = that left over 1,200 people dead while he was there on business trip. Since the last quarter of 2010 until today, the management of my bank has b= een finding means to reach him so as ascertain if he will roll over the Dep= osit or have the contract sum withdrawn. When I discovered that this will h= appen, I have tried to think up a procedure to preserve this fund and use t= he proceeds for business. Some directors here have been trying to find out from me the information ab= out this account and the owner, but I have kept it closed because, I know t= hat if they become aware that Mr. Weimin Fred Ahmed is late, they will corn= er the funds for themselves. Therefore, am seeking your co-operation to pre= sent you as the one to benefit from his fund at his death since you have th= e same name, so that my bank headquarters will pay the funds to you. I have= done enough inside bank arrangement and you only have to put in your detai= ls into the information network in the bank computers and reflect you as hi= s next of kin. If you concur with this proposal, I intend for you to retain 50% of the fun= ds while 50% shall be for me. Kindly forward your response to me. Mr. David Morris Managing Director (Head of Global Fianancier Wealth and Investment Manageme= nt) Email: daviddemorris50@gmail.com From owner-freebsd-ipfw@freebsd.org Sun Feb 26 21:00:25 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 701A2CEC6C5 for ; Sun, 26 Feb 2017 21:00:25 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5F86D896 for ; Sun, 26 Feb 2017 21:00:25 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v1QL0PGE066314 for ; Sun, 26 Feb 2017 21:00:25 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ipfw@FreeBSD.org Subject: [Bug 217292] ipfw lookup on fields other than IP source and destination address doesn't work for IPv6 Date: Sun, 26 Feb 2017 21:00:25 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-ipfw@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Feb 2017 21:00:25 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D217292 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|freebsd-bugs@FreeBSD.org |freebsd-ipfw@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-ipfw@freebsd.org Tue Feb 28 08:09:26 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5AF55CF0071 for ; Tue, 28 Feb 2017 08:09:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 49F58FEC for ; Tue, 28 Feb 2017 08:09:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v1S89P1a053662 for ; Tue, 28 Feb 2017 08:09:26 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ipfw@FreeBSD.org Subject: [Bug 216719] panic: ipfw_check_frame: unknown retval - while trying to ipfw nat incoming packet without translation state (can be L2 firewall related) Date: Tue, 28 Feb 2017 08:09:26 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: bsd@kobyla.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-ipfw@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2017 08:09:26 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D216719 --- Comment #1 from bsd@kobyla.org --- Adding the "not layer2" to ipfw nat rule helps to avoid this problem --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-ipfw@freebsd.org Tue Feb 28 16:05:42 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DE545CF1653 for ; Tue, 28 Feb 2017 16:05:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C290C791 for ; Tue, 28 Feb 2017 16:05:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v1SG5eN9059595 for ; Tue, 28 Feb 2017 16:05:42 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ipfw@FreeBSD.org Subject: [Bug 216719] panic: ipfw_check_frame: unknown retval - while trying to ipfw nat incoming packet without translation state (can be L2 firewall related) Date: Tue, 28 Feb 2017 16:05:40 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: smithi@nimnet.asn.au X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-ipfw@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2017 16:05:43 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D216719 smithi@nimnet.asn.au changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |smithi@nimnet.asn.au --- Comment #2 from smithi@nimnet.asn.au --- (In reply to bsd from comment #1) You have set net.link.ether.ipfw=3D1b Are you using any rules for layer2 ? If not, set that to 0. If so, likely best to follow the example in ipfw(8) /PACKET FLOW to separate layer2 from layer 3 processing, otherwise every rule is tested on both layer2 and layer 3 passes, i.e. usually on each of 4 passes. Which is why adding 'not layer2' to the nat rule fixed it here, but other dragons may lie hidden in other rules checked at both layers. But of course, it shouldn't panic .. backtrace looks all layer2. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-ipfw@freebsd.org Tue Feb 28 17:27:29 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3D8BBCF1C93 for ; Tue, 28 Feb 2017 17:27:29 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 1DD93766; Tue, 28 Feb 2017 17:27:25 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (220-253-188-71.dyn.iinet.net.au [220.253.188.71]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id v1SHREEB015039 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 28 Feb 2017 09:27:18 -0800 (PST) (envelope-from julian@freebsd.org) To: "freebsd-ipfw@freebsd.org" , Luigi Rizzo From: Julian Elischer Subject: dummynet loses ports mask bits Message-ID: Date: Wed, 1 Mar 2017 01:27:09 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2017 17:27:29 -0000 In the following example it appears that the mask bits for the port number are lost. before I raise a bug.. is there anyone who can see that I am doing anything wrong? I'm not sure what the q131053 stuff is about either, but.. ------------------------------------------ FreeBSD fb10-cc03.kumo.com 10.3-RELEASE-p16 : Wed Feb 22 14:40:53 UTC 2017 amd64 fb10-cc03# ipfw pipe 11 config mask dst-ip 0x000000ff/0x0fff bw 200Kbit/s fb10-cc03# ipfw pipe show 00011: 200.000 Kbit/s 0 ms burst 0 q131083 50 sl. 0 flows (1 buckets) sched 65547 weight 0 lmax 0 pri 0 droptail sched 65547 type FIFO flags 0x1 64 buckets 0 active mask: 0x00 0x00000000/0x0000 -> 0x000000ff/0x0000 From owner-freebsd-ipfw@freebsd.org Tue Feb 28 17:46:17 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 988FBCF11BD for ; Tue, 28 Feb 2017 17:46:17 +0000 (UTC) (envelope-from rizzo.unipi@gmail.com) Received: from mail-it0-x229.google.com (mail-it0-x229.google.com [IPv6:2607:f8b0:4001:c0b::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 586DBB7; Tue, 28 Feb 2017 17:46:17 +0000 (UTC) (envelope-from rizzo.unipi@gmail.com) Received: by mail-it0-x229.google.com with SMTP id 203so14330424ith.0; Tue, 28 Feb 2017 09:46:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=pjwZnF5wNAK08IJ9wpqUWWGoe5ZXBKWGkYgFcgtP9k4=; b=ls3BWkAnstGbB6up9QGKkAgdFvwtYBXxlJyqAofDYKmOCaeXOfSx2f4w06Br3RYo57 H9vUz2mRH8flVNbe0rGki0f4/OJbbd0knp0T35aNZ4UbkQ6NIRrn4FOxvw2V2apHnUTF 66BDHnAHtSRLJv7kT3bN+m87aq0Y4+yQO4v57eslBeU3AqRFsZViLNL7l9wS90ux6qV7 77TEAtzhpQdBIuuO9gWV5ELA2xuAzNMKF33WXOWz4WWlhonBdku1pPv9zoB1vwe/lueZ OnrIzT0YJferS1fnj2UAz9xMCK0bAXPBOaA6VgEKYDWTD04unLKWyeCPDRqGs8j14MhY juFg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=pjwZnF5wNAK08IJ9wpqUWWGoe5ZXBKWGkYgFcgtP9k4=; b=Ks6EPEXgzKU/ys/XHzysYjywFbpuYIXm7uaO7AyQqOVYTzi+uuV/XMvm2IIzH8pdf8 J8ASvFAzKXilUDl4J+spr0h1V0lRYQ4AWkDVQqbJlmDuA8WT4fOWsigM8YSCfaErAebO /jrJjx+abFCB4YxAIG251eplz15NbADse2yQ6BZDhJ8ETKlkndyOX8jnWMkN0wVJrpU3 5ARF62qwqeOn8s5Hp1ZRtY5lyh5ZGQVfGYtdfObTmZI9raXO4TRoWlXNIYaBIqWIIF/d wtxlOxvXi/4++q9vuvI3WcgRr22/4ADVgLokDMY5QqJ1cBYh/nGDkS5OF1VQ9RPSFj7H 2C2A== X-Gm-Message-State: AMke39lOKFvBzEfC9B6yG0sbsNFcqQmzyI8z/z2QZI//2kJr4DGjtpcOkrWRiiczgyjSKOfxD0B7/cgzourlKQ== X-Received: by 10.36.65.105 with SMTP id x102mr4042982ita.32.1488303976432; Tue, 28 Feb 2017 09:46:16 -0800 (PST) MIME-Version: 1.0 Sender: rizzo.unipi@gmail.com Received: by 10.107.139.203 with HTTP; Tue, 28 Feb 2017 09:46:15 -0800 (PST) In-Reply-To: References: From: Luigi Rizzo Date: Tue, 28 Feb 2017 09:46:15 -0800 X-Google-Sender-Auth: 6zuIJDnwA1r_m_vF7pB1Jt-73Rk Message-ID: Subject: Re: dummynet loses ports mask bits To: Julian Elischer Cc: "freebsd-ipfw@freebsd.org" , Luigi Rizzo Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2017 17:46:17 -0000 On Tue, Feb 28, 2017 at 9:27 AM, Julian Elischer wrote: > In the following example it appears that the mask bits for the port number > are lost. > before I raise a bug.. is there anyone who can see that I am doing anything > wrong? > > I'm not sure what the q131053 stuff is about either, but.. q131053 is the internal name for the queue associated with the pipe (pipe# + 0x10000). I am not sure if the mask supports ip/port notation (dst-ip covers only the address part). Of course the real bug is that the parser should be more strict and complain about extra/ignored fields. But the ipfw parser is full of these things. cheers luigi > ------------------------------------------ > FreeBSD fb10-cc03.kumo.com 10.3-RELEASE-p16 : Wed Feb 22 14:40:53 UTC 2017 > amd64 > > fb10-cc03# ipfw pipe 11 config mask dst-ip 0x000000ff/0x0fff bw 200Kbit/s > > fb10-cc03# ipfw pipe show > 00011: 200.000 Kbit/s 0 ms burst 0 > q131083 50 sl. 0 flows (1 buckets) sched 65547 weight 0 lmax 0 pri 0 > droptail > sched 65547 type FIFO flags 0x1 64 buckets 0 active > mask: 0x00 0x00000000/0x0000 -> 0x000000ff/0x0000 > -- -----------------------------------------+------------------------------- Prof. Luigi RIZZO, rizzo@iet.unipi.it . Dip. di Ing. dell'Informazione http://www.iet.unipi.it/~luigi/ . Universita` di Pisa TEL +39-050-2217533 . via Diotisalvi 2 Mobile +39-338-6809875 . 56122 PISA (Italy) -----------------------------------------+------------------------------- From owner-freebsd-ipfw@freebsd.org Tue Feb 28 17:52:46 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0E053CF141F for ; Tue, 28 Feb 2017 17:52:46 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id E1BD5768 for ; Tue, 28 Feb 2017 17:52:45 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (220-253-188-71.dyn.iinet.net.au [220.253.188.71]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id v1SHqevf015100 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Tue, 28 Feb 2017 09:52:44 -0800 (PST) (envelope-from julian@freebsd.org) Subject: Re: dummynet loses ports mask bits To: freebsd-ipfw@freebsd.org References: From: Julian Elischer Message-ID: <0434d9e3-a67d-1621-b509-3c2d73c398be@freebsd.org> Date: Wed, 1 Mar 2017 01:52:34 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2017 17:52:46 -0000 On 1/3/17 1:27 am, Julian Elischer wrote: > In the following example it appears that the mask bits for the port > number are lost. > before I raise a bug.. is there anyone who can see that I am doing > anything wrong? just realised I'm using wrong syntax need "mask dst-port" fooled by the fact there was no error. > > I'm not sure what the q131053 stuff is about either, but.. > > ------------------------------------------ > FreeBSD fb10-cc03.kumo.com 10.3-RELEASE-p16 : Wed Feb 22 14:40:53 > UTC 2017 amd64 > > fb10-cc03# ipfw pipe 11 config mask dst-ip 0x000000ff/0x0fff bw > 200Kbit/s > > fb10-cc03# ipfw pipe show > 00011: 200.000 Kbit/s 0 ms burst 0 > q131083 50 sl. 0 flows (1 buckets) sched 65547 weight 0 lmax 0 pri > 0 droptail > sched 65547 type FIFO flags 0x1 64 buckets 0 active > mask: 0x00 0x00000000/0x0000 -> 0x000000ff/0x0000 > > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" > From owner-freebsd-ipfw@freebsd.org Tue Feb 28 17:54:25 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1DC4CCF14D8 for ; Tue, 28 Feb 2017 17:54:25 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id EFC4E809; Tue, 28 Feb 2017 17:54:24 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (220-253-188-71.dyn.iinet.net.au [220.253.188.71]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id v1SHsIj5015108 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 28 Feb 2017 09:54:21 -0800 (PST) (envelope-from julian@freebsd.org) Subject: Re: dummynet loses ports mask bits To: Luigi Rizzo References: Cc: "freebsd-ipfw@freebsd.org" , Luigi Rizzo From: Julian Elischer Message-ID: <87c6774f-1a6a-c547-a027-17baa6d3d9f9@freebsd.org> Date: Wed, 1 Mar 2017 01:54:13 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2017 17:54:25 -0000 On 1/3/17 1:46 am, Luigi Rizzo wrote: > On Tue, Feb 28, 2017 at 9:27 AM, Julian Elischer wrote: >> In the following example it appears that the mask bits for the port number >> are lost. >> before I raise a bug.. is there anyone who can see that I am doing anything >> wrong? >> >> I'm not sure what the q131053 stuff is about either, but.. > q131053 is the internal name for the queue associated with the pipe > (pipe# + 0x10000). > I am not sure if the mask supports ip/port notation (dst-ip covers > only the address part). > Of course the real bug is that the parser should be more strict and complain > about extra/ignored fields. But the ipfw parser is full of these things. > > cheers > luigi my error is I should have used dst-port 0x000f not /0x000f seems to be working now > >> ------------------------------------------ >> FreeBSD fb10-cc03.kumo.com 10.3-RELEASE-p16 : Wed Feb 22 14:40:53 UTC 2017 >> amd64 >> >> fb10-cc03# ipfw pipe 11 config mask dst-ip 0x000000ff/0x0fff bw 200Kbit/s >> >> fb10-cc03# ipfw pipe show >> 00011: 200.000 Kbit/s 0 ms burst 0 >> q131083 50 sl. 0 flows (1 buckets) sched 65547 weight 0 lmax 0 pri 0 >> droptail >> sched 65547 type FIFO flags 0x1 64 buckets 0 active >> mask: 0x00 0x00000000/0x0000 -> 0x000000ff/0x0000 >> > > From owner-freebsd-ipfw@freebsd.org Tue Feb 28 17:57:15 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3F8A8CF155B for ; Tue, 28 Feb 2017 17:57:15 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 1D2708D1; Tue, 28 Feb 2017 17:57:14 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (220-253-188-71.dyn.iinet.net.au [220.253.188.71]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id v1SHv8h5015141 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 28 Feb 2017 09:57:11 -0800 (PST) (envelope-from julian@freebsd.org) Subject: Re: dummynet loses ports mask bits To: Luigi Rizzo References: <87c6774f-1a6a-c547-a027-17baa6d3d9f9@freebsd.org> Cc: "freebsd-ipfw@freebsd.org" , Luigi Rizzo From: Julian Elischer Message-ID: <93a28744-5389-8953-4aef-1ed83ab94efb@freebsd.org> Date: Wed, 1 Mar 2017 01:57:03 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: <87c6774f-1a6a-c547-a027-17baa6d3d9f9@freebsd.org> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2017 17:57:15 -0000 On 1/3/17 1:54 am, Julian Elischer wrote: > On 1/3/17 1:46 am, Luigi Rizzo wrote: >> On Tue, Feb 28, 2017 at 9:27 AM, Julian Elischer >> wrote: >>> In the following example it appears that the mask bits for the >>> port number >>> are lost. >>> before I raise a bug.. is there anyone who can see that I am doing >>> anything >>> wrong? >>> >>> I'm not sure what the q131053 stuff is about either, but.. >> q131053 is the internal name for the queue associated with the pipe >> (pipe# + 0x10000). >> I am not sure if the mask supports ip/port notation (dst-ip covers >> only the address part). >> Of course the real bug is that the parser should be more strict and >> complain >> about extra/ignored fields. But the ipfw parser is full of these >> things. >> >> cheers >> luigi > > my error is I should have used dst-port 0x000f not /0x000f > seems to be working now >> >>> ------------------------------------------ >>> FreeBSD fb10-cc03.kumo.com 10.3-RELEASE-p16 : Wed Feb 22 14:40:53 >>> UTC 2017 >>> amd64 >>> >>> fb10-cc03# ipfw pipe 11 config mask dst-ip 0x000000ff/0x0fff bw >>> 200Kbit/s >>> >>> fb10-cc03# ipfw pipe show >>> 00011: 200.000 Kbit/s 0 ms burst 0 >>> q131083 50 sl. 0 flows (1 buckets) sched 65547 weight 0 lmax 0 pri 0 >>> droptail >>> sched 65547 type FIFO flags 0x1 64 buckets 0 active >>> mask: 0x00 0x00000000/0x0000 -> 0x000000ff/0x0000 >>> >> >> btw ipfw pipe show only shows queues currently active. is there a way to see 'queues active in the last few seconds"? > > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" > From owner-freebsd-ipfw@freebsd.org Tue Feb 28 20:20:42 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D970BCF2CC1 for ; Tue, 28 Feb 2017 20:20:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C92F1998 for ; Tue, 28 Feb 2017 20:20:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v1SKKgid033532 for ; Tue, 28 Feb 2017 20:20:42 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ipfw@FreeBSD.org Subject: [Bug 217391] [ipfw] [panic] erroneous ipfw rule triggers KASSERT Date: Tue, 28 Feb 2017 20:20:42 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-ipfw@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Feb 2017 20:20:42 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D217391 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|freebsd-bugs@FreeBSD.org |freebsd-ipfw@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-ipfw@freebsd.org Thu Mar 2 18:46:58 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D2F2DCF64C7 for ; Thu, 2 Mar 2017 18:46:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C2C3FF63 for ; Thu, 2 Mar 2017 18:46:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v22Ikwk7093131 for ; Thu, 2 Mar 2017 18:46:58 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ipfw@FreeBSD.org Subject: [Bug 217262] ipfw lookup tables match on index instead of value Date: Thu, 02 Mar 2017 18:46:58 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: ae@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ae@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Mar 2017 18:46:58 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D217262 --- Comment #1 from Andrey V. Elsukov --- Created attachment 180444 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D180444&action= =3Dedit Proposed patch Hi, can you test this patch? I think it should fix the problem. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-ipfw@freebsd.org Thu Mar 2 20:14:48 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 53A1CCF5A4D for ; Thu, 2 Mar 2017 20:14:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 439ECF12 for ; Thu, 2 Mar 2017 20:14:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v22KElp6013578 for ; Thu, 2 Mar 2017 20:14:48 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ipfw@FreeBSD.org Subject: [Bug 217262] ipfw lookup tables match on index instead of value Date: Thu, 02 Mar 2017 20:14:48 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: rgrimes@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ae@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Mar 2017 20:14:48 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D217262 --- Comment #2 from Rodney W. Grimes --- I ran the tests Allan posted here against your patch on an 11.0p1 system an= d it indeed has fixed the problem. Please note that we need this and r307628 merged back to 11.0-stable and it would probably be a good idea to file an EN as this has a silent failure mo= de that allows unwanted packets through certain firewall types, though I doubt many are using the table,value mechanism it caused me a fair bit of trouble. --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-ipfw@freebsd.org Thu Mar 2 20:15:19 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 224CDCF5A9A for ; Thu, 2 Mar 2017 20:15:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1230FF72 for ; Thu, 2 Mar 2017 20:15:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v22KFIdS014615 for ; Thu, 2 Mar 2017 20:15:18 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ipfw@FreeBSD.org Subject: [Bug 217262] ipfw lookup tables match on index instead of value Date: Thu, 02 Mar 2017 20:15:18 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: rgrimes@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ae@FreeBSD.org X-Bugzilla-Flags: mfc-stable11+ X-Bugzilla-Changed-Fields: flagtypes.name Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Mar 2017 20:15:19 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D217262 Rodney W. Grimes changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |mfc-stable11+ --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-ipfw@freebsd.org Fri Mar 3 15:20:40 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9BEF6CF6B45 for ; Fri, 3 Mar 2017 15:20:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8B2DF137D for ; Fri, 3 Mar 2017 15:20:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v23FKdw8051843 for ; Fri, 3 Mar 2017 15:20:40 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ipfw@FreeBSD.org Subject: [Bug 217292] ipfw lookup on fields other than IP source and destination address doesn't work for IPv6 Date: Fri, 03 Mar 2017 15:20:39 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: ae@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-ipfw@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Mar 2017 15:20:40 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D217292 Andrey V. Elsukov changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ae@FreeBSD.org --- Comment #1 from Andrey V. Elsukov --- Created attachment 180465 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D180465&action= =3Dedit Proposed patch Hi, can you test the attached patch? I did only basic test, so if you are a= ble to do a wider testing, please, report what you tried. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-ipfw@freebsd.org Fri Mar 3 20:23:09 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 370BFCF722A for ; Fri, 3 Mar 2017 20:23:09 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 18DEF1EF4 for ; Fri, 3 Mar 2017 20:23:09 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v23KN7oR098814 for ; Fri, 3 Mar 2017 20:23:08 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ipfw@FreeBSD.org Subject: [Bug 217262] ipfw lookup tables match on index instead of value Date: Fri, 03 Mar 2017 20:23:07 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ae@FreeBSD.org X-Bugzilla-Flags: mfc-stable11+ X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Mar 2017 20:23:09 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D217262 --- Comment #3 from commit-hook@freebsd.org --- A commit references this bug: Author: ae Date: Fri Mar 3 20:22:42 UTC 2017 New revision: 314614 URL: https://svnweb.freebsd.org/changeset/base/314614 Log: Fix matching table entry value. Use real table value instead of its index in valuestate array. When opcode has size equal to ipfw_insn_u32, this means that it should additionally match value specified in d[0] with table entry value. ipfw_table_lookup() returns table value index, use TARG_VAL() macro to convert it to its value. The actual 32-bit value stored in the tag field of table_value structure, where all unspecified u32 values are kept. PR: 217262 Reviewed by: melifaro MFC after: 1 week Sponsored by: Yandex LLC Changes: head/sys/netpfil/ipfw/ip_fw2.c --=20 You are receiving this mail because: You are on the CC list for the bug.= From owner-freebsd-ipfw@freebsd.org Sat Mar 4 01:46:30 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 59B20CF6E2D for ; Sat, 4 Mar 2017 01:46:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 495111BA6 for ; Sat, 4 Mar 2017 01:46:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v241kSmZ056587 for ; Sat, 4 Mar 2017 01:46:30 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ipfw@FreeBSD.org Subject: [Bug 217391] [ipfw] [panic] erroneous ipfw rule triggers KASSERT Date: Sat, 04 Mar 2017 01:46:28 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: ae@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-ipfw@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Mar 2017 01:46:30 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D217391 Andrey V. Elsukov changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ae@FreeBSD.org --- Comment #2 from Andrey V. Elsukov --- Created attachment 180481 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D180481&action= =3Dedit Proposed patch I think this patch should fix the problem. Can you test it? --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-ipfw@freebsd.org Sat Mar 4 17:26:47 2017 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 73C6ACF91F8 for ; Sat, 4 Mar 2017 17:26:47 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5D10B18B4 for ; Sat, 4 Mar 2017 17:26:47 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v24HQllM096059 for ; Sat, 4 Mar 2017 17:26:47 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ipfw@FreeBSD.org Subject: [Bug 213452] [patch] [ipfw] add support for ipfw ngtee/netgraph actions at layer-2 Date: Sat, 04 Mar 2017 17:26:47 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-STABLE X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: ports@grosbein.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-ipfw@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: attachments.isobsolete attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Mar 2017 17:26:47 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D213452 Eugene Grosbein changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #175712|0 |1 is obsolete| | --- Comment #1 from Eugene Grosbein --- Created attachment 180505 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D180505&action= =3Dedit add support for ngtee/netgraph ipfw actions for layer-2 frames Patch updated for recent 11-STABLE. --=20 You are receiving this mail because: You are the assignee for the bug.=