From owner-freebsd-pf@freebsd.org Sun May 9 21:00:44 2021 Return-Path: Delivered-To: freebsd-pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4D9856423DF for ; Sun, 9 May 2021 21:00:44 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4Fdc640zR5z3st4 for ; Sun, 9 May 2021 21:00:44 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: by mailman.nyi.freebsd.org (Postfix) id 1C13464259D; Sun, 9 May 2021 21:00:44 +0000 (UTC) Delivered-To: pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1B875642252 for ; Sun, 9 May 2021 21:00:44 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fdc636g2rz3st3 for ; Sun, 9 May 2021 21:00:43 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C61C8185C6 for ; Sun, 9 May 2021 21:00:43 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 149L0hcV079881 for ; Sun, 9 May 2021 21:00:43 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 149L0hx1079880 for pf@FreeBSD.org; Sun, 9 May 2021 21:00:43 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <202105092100.149L0hx1079880@kenobi.freebsd.org> X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@FreeBSD.org using -f From: bugzilla-noreply@FreeBSD.org To: pf@FreeBSD.org Subject: Problem reports for pf@FreeBSD.org that need special attention Date: Sun, 9 May 2021 21:00:43 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 May 2021 21:00:44 -0000 To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- Open | 203735 | Transparent interception of ipv6 with squid and p Open | 237973 | pf: implement egress keyword to simplify rules ac 2 problems total for which you should take action. From owner-freebsd-pf@freebsd.org Mon May 10 15:44:16 2021 Return-Path: Delivered-To: freebsd-pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 718C163B1F5 for ; Mon, 10 May 2021 15:44:16 +0000 (UTC) (envelope-from xavier@amdh.fr) Received: from aragorn.amdh.fr (aragorn.groumpf.org [176.31.180.205]) by mx1.freebsd.org (Postfix) with ESMTP id 4Ff52R1vWQz3ljR for ; Mon, 10 May 2021 15:44:14 +0000 (UTC) (envelope-from xavier@amdh.fr) Received: from numenor.groumpf.org (unknown [78.251.129.10]) by aragorn.amdh.fr (Postfix) with ESMTP id 6A71A5F750 for ; Mon, 10 May 2021 17:44:08 +0200 (CEST) Received: from numenor.groumpf.org (localhost [127.0.0.1]) by numenor.groumpf.org (Postfix) with UTF8SMTP id 2D3461906BB for ; Mon, 10 May 2021 17:44:08 +0200 (CEST) X-Virus-Scanned: amavisd-new at groumpf.org Received: from numenor.groumpf.org ([127.0.0.1]) by numenor.groumpf.org (ns3.groumpf.org [127.0.0.1]) (amavisd-new, port 10024) with UTF8LMTP id X6EMQ9cXOPKN; Mon, 10 May 2021 17:43:52 +0200 (CEST) Received: from [192.168.100.30] (unknown [192.168.100.30]) by numenor.groumpf.org (Postfix) with UTF8SMTPSA id EDD451907C7; Mon, 10 May 2021 17:43:51 +0200 (CEST) Message-ID: Date: Mon, 10 May 2021 17:43:51 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:89.0) Gecko/20100101 Thunderbird/89.0 To: freebsd-pf@freebsd.org, Xavier Content-Language: fr From: Xavier Humbert Subject: Test Organization: AMDH.FR Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4Ff52R1vWQz3ljR X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of xavier@amdh.fr has no SPF policy when checking 176.31.180.205) smtp.mailfrom=xavier@amdh.fr X-Spamd-Result: default: False [-1.15 / 15.00]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[176.31.180.205:from]; RCVD_COUNT_FIVE(0.00)[5]; NEURAL_HAM_MEDIUM(-0.99)[-0.995]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-pf@freebsd.org]; DMARC_NA(0.00)[amdh.fr]; AUTH_NA(1.00)[]; HAS_ORG_HEADER(0.00)[]; SPAMHAUS_ZRD(0.00)[176.31.180.205:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.15)[-0.153]; RCPT_COUNT_TWO(0.00)[2]; R_SPF_NA(0.00)[no SPF record]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:16276, ipnet:176.31.0.0/16, country:FR]; MID_RHS_MATCH_FROM(0.00)[]; MAILMAN_DEST(0.00)[freebsd-pf] X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 May 2021 15:44:16 -0000 Test -- Xavier HUMBERT AMDH.FR - Infogérance - Architecte Réseaux et Systèmes https://www.amdh.fr/ 2 rue des Patureaux 54460 AINGERAY / FRANCE Tel +33 6 71 17 29 07 Off +33 9 51 00 37 63 From owner-freebsd-pf@freebsd.org Mon May 10 15:46:20 2021 Return-Path: Delivered-To: freebsd-pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5807C63B636 for ; Mon, 10 May 2021 15:46:20 +0000 (UTC) (envelope-from xavier@amdh.fr) Received: from aragorn.amdh.fr (aragorn.groumpf.org [176.31.180.205]) by mx1.freebsd.org (Postfix) with ESMTP id 4Ff54q3CFZz3lcg for ; Mon, 10 May 2021 15:46:19 +0000 (UTC) (envelope-from xavier@amdh.fr) Received: from numenor.groumpf.org (unknown [78.251.129.10]) by aragorn.amdh.fr (Postfix) with ESMTP id 37EB05F750 for ; Mon, 10 May 2021 17:46:18 +0200 (CEST) Received: from numenor.groumpf.org (localhost [127.0.0.1]) by numenor.groumpf.org (Postfix) with UTF8SMTP id 129021906BE for ; Mon, 10 May 2021 17:46:18 +0200 (CEST) X-Virus-Scanned: amavisd-new at groumpf.org Received: from numenor.groumpf.org ([127.0.0.1]) by numenor.groumpf.org (ns3.groumpf.org [127.0.0.1]) (amavisd-new, port 10024) with UTF8LMTP id qxhNUoMm8MlD for ; Mon, 10 May 2021 17:46:08 +0200 (CEST) Received: from [192.168.100.30] (unknown [192.168.100.30]) by numenor.groumpf.org (Postfix) with UTF8SMTPSA id 40AEA1906BD for ; Mon, 10 May 2021 17:46:08 +0200 (CEST) Message-ID: <5ae22cb0-41f5-fb76-14f1-9261b9a39e86@amdh.fr> Date: Mon, 10 May 2021 17:46:08 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:89.0) Gecko/20100101 Thunderbird/89.0 Subject: Re: Test Content-Language: fr To: freebsd-pf@freebsd.org References: From: Xavier Humbert Organization: AMDH.FR In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4Ff54q3CFZz3lcg X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of xavier@amdh.fr has no SPF policy when checking 176.31.180.205) smtp.mailfrom=xavier@amdh.fr X-Spamd-Result: default: False [-0.25 / 15.00]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[176.31.180.205:from]; RCVD_COUNT_FIVE(0.00)[5]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-pf@freebsd.org]; TO_DN_NONE(0.00)[]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; HAS_ORG_HEADER(0.00)[]; SPAMHAUS_ZRD(0.00)[176.31.180.205:from:127.0.2.255]; DMARC_NA(0.00)[amdh.fr]; NEURAL_SPAM_MEDIUM(0.69)[0.692]; NEURAL_HAM_SHORT(-0.94)[-0.937]; R_SPF_NA(0.00)[no SPF record]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:16276, ipnet:176.31.0.0/16, country:FR]; MID_RHS_MATCH_FROM(0.00)[]; MAILMAN_DEST(0.00)[freebsd-pf] X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 May 2021 15:46:20 -0000 On 10/05/2021 17:43, Xavier Humbert wrote: > Test Sorry, bad typing, didn't meant to send to list. Xavier -- Xavier HUMBERT AMDH.FR - Infogérance - Architecte Réseaux et Systèmes https://www.amdh.fr/ 2 rue des Patureaux 54460 AINGERAY / FRANCE Tel +33 6 71 17 29 07 Off +33 9 51 00 37 63 From owner-freebsd-pf@freebsd.org Tue May 11 15:07:30 2021 Return-Path: Delivered-To: freebsd-pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id CC70563B010 for ; Tue, 11 May 2021 15:07:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4Ffh9Z5Bn1z4TBm for ; Tue, 11 May 2021 15:07:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id B24EE63AEE3; Tue, 11 May 2021 15:07:30 +0000 (UTC) Delivered-To: pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B216363AD0C for ; Tue, 11 May 2021 15:07:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ffh9Z4Wkgz4TBl for ; Tue, 11 May 2021 15:07:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8E79B1A3DF for ; Tue, 11 May 2021 15:07:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 14BF7U4m023875 for ; Tue, 11 May 2021 15:07:30 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 14BF7UTA023874 for pf@FreeBSD.org; Tue, 11 May 2021 15:07:30 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 254577] [PATCH] pf: Implement the NAT source port selection of MAP-E Customer Edge Date: Tue, 11 May 2021 15:07:30 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 May 2021 15:07:30 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D254577 --- Comment #5 from commit-hook@FreeBSD.org --- A commit in branch stable/12 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3Db0b9525172ba9f8704f810d974f56d4ee= 3aad51f commit b0b9525172ba9f8704f810d974f56d4ee3aad51f Author: Kurosawa Takahiro AuthorDate: 2021-04-13 08:50:00 +0000 Commit: Kristof Provost CommitDate: 2021-05-11 08:27:57 +0000 pf: Implement the NAT source port selection of MAP-E Customer Edge MAP-E (RFC 7597) requires special care for selecting source ports in NAT operation on the Customer Edge because a part of bits of the port numbers are used by the Border Relay to distinguish another side of the IPv4-over-IPv6 tunnel. PR: 254577 Reviewed by: kp Differential Revision: https://reviews.freebsd.org/D29468 (cherry picked from commit 2aa21096c7349390f22aa5d06b373a575baed1b4) lib/libpfctl/libpfctl.c | 24 ++++++++++ lib/libpfctl/libpfctl.h | 1 + sbin/pfctl/parse.y | 57 ++++++++++++++++++++++- sbin/pfctl/pfctl_parser.c | 3 ++ share/man/man5/pf.conf.5 | 24 +++++++++- sys/net/pfvar.h | 1 + sys/netpfil/pf/pf.h | 6 +++ sys/netpfil/pf/pf_ioctl.c | 40 ++++++++++++++++ sys/netpfil/pf/pf_lb.c | 65 ++++++++++++++++++++++---- tests/sys/netpfil/pf/Makefile | 1 + tests/sys/netpfil/pf/map_e.sh (new) | 91 +++++++++++++++++++++++++++++++++= ++++ 11 files changed, 303 insertions(+), 10 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-pf@freebsd.org Tue May 11 15:07:31 2021 Return-Path: Delivered-To: freebsd-pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id F08F963AF46 for ; Tue, 11 May 2021 15:07:31 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4Ffh9b674Sz4TH5 for ; Tue, 11 May 2021 15:07:31 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id D11B463AD0F; Tue, 11 May 2021 15:07:31 +0000 (UTC) Delivered-To: pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D09EA63AF3F for ; Tue, 11 May 2021 15:07:31 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ffh9b4gZkz4T6C for ; Tue, 11 May 2021 15:07:31 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 93A941A507 for ; Tue, 11 May 2021 15:07:31 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 14BF7Vvm023897 for ; Tue, 11 May 2021 15:07:31 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 14BF7VES023896 for pf@FreeBSD.org; Tue, 11 May 2021 15:07:31 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 254577] [PATCH] pf: Implement the NAT source port selection of MAP-E Customer Edge Date: Tue, 11 May 2021 15:07:31 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 May 2021 15:07:32 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D254577 --- Comment #6 from commit-hook@FreeBSD.org --- A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3De49799dcf14e7026f377d26a70fe0a3a3= d15390a commit e49799dcf14e7026f377d26a70fe0a3a3d15390a Author: Kurosawa Takahiro AuthorDate: 2021-04-13 08:50:00 +0000 Commit: Kristof Provost CommitDate: 2021-05-11 15:04:45 +0000 pf: Implement the NAT source port selection of MAP-E Customer Edge MAP-E (RFC 7597) requires special care for selecting source ports in NAT operation on the Customer Edge because a part of bits of the port numbers are used by the Border Relay to distinguish another side of the IPv4-over-IPv6 tunnel. PR: 254577 Reviewed by: kp Differential Revision: https://reviews.freebsd.org/D29468 (cherry picked from commit 2aa21096c7349390f22aa5d06b373a575baed1b4) lib/libpfctl/libpfctl.c | 24 ++++++++++ lib/libpfctl/libpfctl.h | 1 + sbin/pfctl/parse.y | 57 ++++++++++++++++++++++- sbin/pfctl/pfctl_parser.c | 3 ++ share/man/man5/pf.conf.5 | 24 +++++++++- sys/net/pfvar.h | 1 + sys/netpfil/pf/pf.h | 6 +++ sys/netpfil/pf/pf_ioctl.c | 40 ++++++++++++++++ sys/netpfil/pf/pf_lb.c | 65 ++++++++++++++++++++++---- tests/sys/netpfil/pf/Makefile | 1 + tests/sys/netpfil/pf/map_e.sh (new) | 91 +++++++++++++++++++++++++++++++++= ++++ 11 files changed, 303 insertions(+), 10 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-pf@freebsd.org Thu May 13 13:49:34 2021 Return-Path: Delivered-To: freebsd-pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5DC31641C3F for ; Thu, 13 May 2021 13:49:34 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4FgtLk0bCGz4vwV for ; Thu, 13 May 2021 13:49:34 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 143E7641D5C; Thu, 13 May 2021 13:49:34 +0000 (UTC) Delivered-To: pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 140C3641CF9 for ; Thu, 13 May 2021 13:49:34 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FgtLk00P5z3C4Z for ; Thu, 13 May 2021 13:49:34 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E74E01FE88 for ; Thu, 13 May 2021 13:49:33 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 14DDnXh5041456 for ; Thu, 13 May 2021 13:49:33 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 14DDnX3r041455 for pf@FreeBSD.org; Thu, 13 May 2021 13:49:33 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 255678] security/strongswan cant add routes via RTM_ADD via PF_ROUTE socket Date: Thu, 13 May 2021 13:49:34 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-RELEASE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: keywords assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 May 2021 13:49:34 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D255678 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |regression Assignee|bugs@FreeBSD.org |pf@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-pf@freebsd.org Thu May 13 14:12:12 2021 Return-Path: Delivered-To: freebsd-pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 79CFF642CF7 for ; Thu, 13 May 2021 14:12:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4Fgtrr2rY0z3Dhf for ; Thu, 13 May 2021 14:12:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 61AE464313A; Thu, 13 May 2021 14:12:12 +0000 (UTC) Delivered-To: pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6179E6431BD for ; Thu, 13 May 2021 14:12:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fgtrr2GLYz3DWD for ; Thu, 13 May 2021 14:12:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 40EEE1FCFC for ; Thu, 13 May 2021 14:12:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 14DECCem055222 for ; Thu, 13 May 2021 14:12:12 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 14DECCsb055221 for pf@FreeBSD.org; Thu, 13 May 2021 14:12:12 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 255678] security/strongswan cant add routes via RTM_ADD via PF_ROUTE socket Date: Thu, 13 May 2021 14:12:11 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-RELEASE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: zarychtam@plan-b.pwste.edu.pl X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 May 2021 14:12:12 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D255678 Marek Zarychta changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |zarychtam@plan-b.pwste.edu. | |pl --- Comment #2 from Marek Zarychta --- (In reply to martin.larsson2 from comment #0) Have you tried to check if it works on 13.0-STABLE? There is a couple of fi= xes committed to stable/13 which maybe solved the issue. Please take a look at = bug 255089 and bug 255273. See commits de703e98e6c863874aa6012e3ce1a61eee58c846= and 6f1e5d9169a9cbd65b480cb7c1012c3360d2ba06. https://cgit.freebsd.org/src/commit/?id=3Dde703e98e6c863874aa6012e3ce1a61ee= e58c846 https://cgit.freebsd.org/src/commit/?id=3D6f1e5d9169a9cbd65b480cb7c1012c336= 0d2ba06 --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-pf@freebsd.org Fri May 14 12:05:54 2021 Return-Path: Delivered-To: freebsd-pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9EE51643A59 for ; Fri, 14 May 2021 12:05:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4FhS0f3vlzz3NXJ for ; Fri, 14 May 2021 12:05:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 86082643B9E; Fri, 14 May 2021 12:05:54 +0000 (UTC) Delivered-To: pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 85CE16437E6 for ; Fri, 14 May 2021 12:05:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FhS0f359wz3NTl for ; Fri, 14 May 2021 12:05:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 590DF11E96 for ; Fri, 14 May 2021 12:05:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 14EC5sPA055926 for ; Fri, 14 May 2021 12:05:54 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 14EC5sxf055925 for pf@FreeBSD.org; Fri, 14 May 2021 12:05:54 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 255852] pf: set skip on: serious security hole Date: Fri, 14 May 2021 12:05:54 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 May 2021 12:05:54 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D255852 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |secteam@FreeBSD.org Assignee|bugs@FreeBSD.org |pf@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-pf@freebsd.org Fri May 14 12:29:08 2021 Return-Path: Delivered-To: freebsd-pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1041A645876 for ; Fri, 14 May 2021 12:29:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4FhSWR6tqpz3RGw for ; Fri, 14 May 2021 12:29:07 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id EA99264591D; Fri, 14 May 2021 12:29:07 +0000 (UTC) Delivered-To: pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EA62C6457CC for ; Fri, 14 May 2021 12:29:07 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FhSWR60r5z3RDP for ; Fri, 14 May 2021 12:29:07 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BD193121F8 for ; Fri, 14 May 2021 12:29:07 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 14ECT7TT071833 for ; Fri, 14 May 2021 12:29:07 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 14ECT7T8071832 for pf@FreeBSD.org; Fri, 14 May 2021 12:29:07 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 255852] pf: set skip on: serious security hole Date: Fri, 14 May 2021 12:29:08 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: kp@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: see_also cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 May 2021 12:29:08 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D255852 Kristof Provost changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.freebsd.org/bu | |gzilla/show_bug.cgi?id=3D2= 509 | |94 CC| |kp@freebsd.org --- Comment #1 from Kristof Provost --- That's the 'set skip on ' issue. I was under the impression that it was fixed in 13.0. By the way, re-apply the ruleset will fix the skip configuration (and apply= ing it again will break it again) on affected systems. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-pf@freebsd.org Fri May 14 12:46:54 2021 Return-Path: Delivered-To: freebsd-pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B72786462F1 for ; Fri, 14 May 2021 12:46:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4FhSvy4ddWz3jCF for ; Fri, 14 May 2021 12:46:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 9D57264663A; Fri, 14 May 2021 12:46:54 +0000 (UTC) Delivered-To: pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9D1E2646462 for ; Fri, 14 May 2021 12:46:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FhSvy40M1z3hw3 for ; Fri, 14 May 2021 12:46:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 787B012898 for ; Fri, 14 May 2021 12:46:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 14ECkswn083716 for ; Fri, 14 May 2021 12:46:54 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 14ECks1h083715 for pf@FreeBSD.org; Fri, 14 May 2021 12:46:54 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 255852] pf: set skip on: serious security hole Date: Fri, 14 May 2021 12:46:54 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: kp@freebsd.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: kp@freebsd.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_status assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 May 2021 12:46:54 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D255852 Kristof Provost changed: What |Removed |Added ---------------------------------------------------------------------------- Status|New |Open Assignee|pf@FreeBSD.org |kp@freebsd.org --- Comment #2 from Kristof Provost --- Sigh. I *thought* it was fixed everywhere, but apparently there's yet anoth= er manifestation of it. I am so very sick of this bug. Confirmed to affect main as well. --=20 You are receiving this mail because: You are the assignee for the bug.=