From owner-freebsd-standards@FreeBSD.ORG Sun Aug 17 17:28:11 2014 Return-Path: Delivered-To: freebsd-standards@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0F38A59B for ; Sun, 17 Aug 2014 17:28:11 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E3A5A2116 for ; Sun, 17 Aug 2014 17:28:10 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s7HHSAtR085564 for ; Sun, 17 Aug 2014 17:28:10 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-standards@FreeBSD.org Subject: [Bug 192756] New: SPAN port on bridge does not span packets originating locally Date: Sun, 17 Aug 2014 17:28:10 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: standards X-Bugzilla-Version: 8.3-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: jbw@hilltopgroup.com X-Bugzilla-Status: Needs Triage X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-standards@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-standards@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Standards compliance List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Aug 2014 17:28:11 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192756 Bug ID: 192756 Summary: SPAN port on bridge does not span packets originating locally Product: Base System Version: 8.3-RELEASE Hardware: amd64 OS: Any Status: Needs Triage Severity: Affects Only Me Priority: --- Component: standards Assignee: freebsd-standards@FreeBSD.org Reporter: jbw@hilltopgroup.com I have built a firewall/routing box utilizing FreeBSD (8.3-RELEASE) and need to mirror all of the lan-side traffic before it is NATed to another box which will have traffic analysis software running on it. The firewall box has 4 interfaces: 3 wired (re0, re1, re2) and 1 wireless (ath0). re0 is the internet port (WAN), re1 and ath0 are bridged into bridge0 which has my LAN IP (so that both my wired and wireless systems are all on the same physical network), and re2 is a member of bridge0 as a SPAN port. A tcpdump on the SPAN (and on the analysis box) shows that all packets which enter the system via ath0 and re1 are mirrored appropriately, but if the packets originate either on the WAN port (re1) or internal to the firewall box (ping a LAN endpoint from the firewall shell) the packets are not present on the SPAN port. tcpdump on bridge0 captures the packets, so they're definitely on the bridge. In order to eliminate all possibilities I ran a liveCD of FreeBSD 10-RELEASE on a different box box with 4 interfaces with em0 and em1 bridged together into bridge0 with em3 as a SPAN port for bridge0. Bridge0 has the IP. No firewall, no ports, nothing has been installed or configured. On this box, any packets which physically enter either em0 or em1 (the bridged interfaces) are SPANned, but nothing that originates on the fresh box shows up on the SPAN. Again, the packets originating on the system show up on a tcpdump of bridge0. I also tested this on the same system listed here, but with the installed version of 9.0-RELEASE. When giving the IP to one of the physical interfaces, the SPAN port works correctly, and locally generated packets are SPANned appropriately. This isn't ideal as it means that if the physical interface with the IP goes down, clients on the other interfaces will lose connectivity to the system, and when bridging it's ideal to give the IPs to the bridge itself to protect against that possibility. -- You are receiving this mail because: You are the assignee for the bug. From owner-freebsd-standards@FreeBSD.ORG Sun Aug 17 17:28:33 2014 Return-Path: Delivered-To: freebsd-standards@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1AEA25E3 for ; Sun, 17 Aug 2014 17:28:33 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 02289211F for ; Sun, 17 Aug 2014 17:28:33 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s7HHSWc8085665 for ; Sun, 17 Aug 2014 17:28:32 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-standards@FreeBSD.org Subject: [Bug 192756] SPAN port on bridge does not span packets originating locally Date: Sun, 17 Aug 2014 17:28:33 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 8.3-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: jbw@hilltopgroup.com X-Bugzilla-Status: Needs Triage X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-standards@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: component Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-standards@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Standards compliance List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Aug 2014 17:28:33 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192756 jbw@hilltopgroup.com changed: What |Removed |Added ---------------------------------------------------------------------------- Component|standards |kern -- You are receiving this mail because: You are the assignee for the bug. From owner-freebsd-standards@FreeBSD.ORG Sun Aug 17 17:30:23 2014 Return-Path: Delivered-To: freebsd-standards@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8E70A64C for ; Sun, 17 Aug 2014 17:30:23 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 751FF212A for ; Sun, 17 Aug 2014 17:30:23 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s7HHUNK2086971 for ; Sun, 17 Aug 2014 17:30:23 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-standards@FreeBSD.org Subject: [Bug 192756] SPAN port on bridge does not span packets originating locally Date: Sun, 17 Aug 2014 17:30:23 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 8.3-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: jbw@hilltopgroup.com X-Bugzilla-Status: Needs Triage X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-standards@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-standards@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Standards compliance List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Aug 2014 17:30:23 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192756 --- Comment #1 from jbw@hilltopgroup.com --- The ifconfig from the 10-RELEASE box is as follows: root@:~ # ifconfig em0: flags=8943 metric 0 mtu 1500 options=4219b ether 00:90:fb:36:78:ec nd6 options=29 media: Ethernet autoselect (100baseTX ) status: active em1: flags=8943 metric 0 mtu 1500 options=4219b ether 00:90:fb:36:78:ed nd6 options=29 media: Ethernet autoselect (1000baseT ) status: active em2: flags=8c02 metric 0 mtu 1500 options=4219b ether 00:90:fb:36:78:ee nd6 options=29 media: Ethernet autoselect status: no carrier em3: flags=8943 metric 0 mtu 1500 options=4219b ether 00:90:fb:36:78:ef nd6 options=29 media: Ethernet autoselect (100baseTX ) status: active lo0: flags=8049 metric 0 mtu 16384 options=600003 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 inet 127.0.0.1 netmask 0xff000000 nd6 options=21 bridge0: flags=8843 metric 0 mtu 1500 ether ce:52:1f:48:3f:45 inet 192.168.6.19 netmask 0xffffff00 broadcast 192.168.6.255 nd6 options=9 id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: em1 flags=143 ifmaxaddr 0 port 2 priority 128 path cost 20000 member: em0 flags=143 ifmaxaddr 0 port 1 priority 128 path cost 200000 member: em3 flags=8 ifmaxaddr 0 port 4 priority 128 path cost 200000 And the tcpdumps showing the behavior: >From the box (liveCD) in question (with the IP of 192.168.6.19): root@:~ # ping 192.168.6.108 PING 192.168.6.108 (192.168.6.108): 56 data bytes 64 bytes from 192.168.6.108: icmp_seq=0 ttl=128 time=0.612 ms 64 bytes from 192.168.6.108: icmp_seq=1 ttl=128 time=0.464 ms 64 bytes from 192.168.6.108: icmp_seq=2 ttl=128 time=0.528 ms And on the same box: root@:~ # tcpdump -ni em3 host 192.168.6.108 and icmp tcpdump: WARNING: em3: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on em3, link-type EN10MB (Ethernet), capture size 65535 bytes capability mode sandbox enabled 15:16:07.658004 IP 192.168.6.108 > 192.168.6.19: ICMP echo reply, id 25865, seq 0, length 64 15:16:08.701353 IP 192.168.6.108 > 192.168.6.19: ICMP echo reply, id 25865, seq 1, length 64 15:16:09.763414 IP 192.168.6.108 > 192.168.6.19: ICMP echo reply, id 25865, seq 2, length 64 -- You are receiving this mail because: You are the assignee for the bug. From owner-freebsd-standards@FreeBSD.ORG Mon Aug 18 06:55:36 2014 Return-Path: Delivered-To: freebsd-standards@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 988CF8D8 for ; Mon, 18 Aug 2014 06:55:36 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7C8893290 for ; Mon, 18 Aug 2014 06:55:36 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s7I6ta8T048906 for ; Mon, 18 Aug 2014 06:55:36 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-standards@FreeBSD.org Subject: [Bug 191586] FreeBSD doesn't validate negative edgecases in bind(2)/connect(2)/listen(2) like POSIX requires Date: Mon, 18 Aug 2014 06:55:36 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: standards X-Bugzilla-Version: 11.0-CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: ngie@FreeBSD.org X-Bugzilla-Status: Needs MFC X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-standards@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_status cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-standards@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Standards compliance List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Aug 2014 06:55:36 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191586 Garrett Cooper changed: What |Removed |Added ---------------------------------------------------------------------------- Status|In Discussion |Needs MFC CC| |ngie@FreeBSD.org -- You are receiving this mail because: You are the assignee for the bug. From owner-freebsd-standards@FreeBSD.ORG Mon Aug 18 08:00:14 2014 Return-Path: Delivered-To: freebsd-standards@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A6E653A5 for ; Mon, 18 Aug 2014 08:00:14 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 94E7F378E for ; Mon, 18 Aug 2014 08:00:14 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s7I80EOk088731 for ; Mon, 18 Aug 2014 08:00:14 GMT (envelope-from bugzilla-noreply@freebsd.org) Message-Id: <201408180800.s7I80EOk088731@kenobi.freebsd.org> From: bugzilla-noreply@freebsd.org To: freebsd-standards@FreeBSD.org Subject: [Bugzilla] Commit Needs MFC MIME-Version: 1.0 X-Bugzilla-Type: whine X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated Date: Mon, 18 Aug 2014 08:00:14 +0000 Content-Type: text/plain X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 X-BeenThere: freebsd-standards@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Standards compliance List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Aug 2014 08:00:14 -0000 Hi, You have a bug in the "Needs MFC" state which has not been touched in 7 or more days. This email serves as a reminder that you may want to MFC this bug or marked it as completed. In the event you have a longer MFC timeout you may update this bug with a comment and I won't remind you again for 7 days. This reminder is only sent on Mondays. Please file a bug about concerns you may have. This search was scheduled by eadler@FreeBSD.org. (2 bugs) Bug 164787: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=164787 Severity: Affects Only Me Priority: Normal Hardware: Any Assignee: freebsd-standards@FreeBSD.org Status: Needs MFC Resolution: Summary: dirfd() function not available when _POSIX_C_SOURCE is defined Bug 188036: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188036 Severity: Affects Only Me Priority: Normal Hardware: Any Assignee: freebsd-standards@FreeBSD.org Status: Needs MFC Resolution: Summary: mblen(3) in EUC locales causes crash and segmentation fault.