From nobody Wed Jul 28 08:52:04 2021 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 2967912AD972 for ; Wed, 28 Jul 2021 08:52:04 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4GZS8N0Z3rz4br0 for ; Wed, 28 Jul 2021 08:52:04 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id F0C9C1B3D7 for ; Wed, 28 Jul 2021 08:52:03 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 16S8q3M9003162 for ; Wed, 28 Jul 2021 08:52:03 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 16S8q3Ao003161 for pf@FreeBSD.org; Wed, 28 Jul 2021 08:52:03 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 257469] pf: yesterday changes broke sysutils/pftop with 'DIOCGETSTATUS: Permission denied' Date: Wed, 28 Jul 2021 08:52:04 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: keywords assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D257469 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |regression Assignee|bugs@FreeBSD.org |pf@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Wed Jul 28 08:56:57 2021 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 3C7C612AE800 for ; Wed, 28 Jul 2021 08:56:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4GZSG10v3Lz4cxG for ; Wed, 28 Jul 2021 08:56:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 02F4E1B417 for ; Wed, 28 Jul 2021 08:56:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 16S8uuTV005380 for ; Wed, 28 Jul 2021 08:56:56 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 16S8uuXp005379 for pf@FreeBSD.org; Wed, 28 Jul 2021 08:56:56 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 257469] pf: yesterday changes broke sysutils/pftop with 'DIOCGETSTATUS: Permission denied' Date: Wed, 28 Jul 2021 08:56:57 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: raul.munoz@custos.es X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D257469 --- Comment #2 from Ra=C3=BAl --- (In reply to Herbert J. Skuhra from comment #1) You were right, working after rebuilding the port. Thanks!. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Wed Jul 28 09:01:15 2021 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id E080E12AE966 for ; Wed, 28 Jul 2021 09:01:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4GZSLy5lWlz4dTn for ; Wed, 28 Jul 2021 09:01:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id AC7481B48F for ; Wed, 28 Jul 2021 09:01:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 16S91EUT006864 for ; Wed, 28 Jul 2021 09:01:14 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 16S91E6s006863 for pf@FreeBSD.org; Wed, 28 Jul 2021 09:01:14 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 257469] pf: yesterday changes broke sysutils/pftop with 'DIOCGETSTATUS: Permission denied' Date: Wed, 28 Jul 2021 09:01:15 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: regression X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: kp@freebsd.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: kp@freebsd.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to cc bug_status Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D257469 Kristof Provost changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|pf@FreeBSD.org |kp@freebsd.org CC| |kp@freebsd.org Status|New |In Progress --- Comment #3 from Kristof Provost --- Yeah, rebuilding the port would work, because I accidentally changed the si= ze of the pf_status struct. That wasn't supposed to happen. I'll fix that, but that does mean you're going to have to rebuild the port again (or revert to= the pkg version) after it's fixed. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Sat Jul 31 13:10:47 2021 X-Original-To: freebsd-pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id C604A12D1E03; Sat, 31 Jul 2021 13:10:58 +0000 (UTC) (envelope-from SRS0=zD/e=MX=FreeBSD.org=otis@ns2.wilbury.net) Received: from ns2.wilbury.net (ns2.wilbury.net [IPv6:2a01:b200:0:1:f816:3eff:fecd:13e6]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "svc.wilbury.net", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4GcPlk4CVXz4TQV; Sat, 31 Jul 2021 13:10:58 +0000 (UTC) (envelope-from SRS0=zD/e=MX=FreeBSD.org=otis@ns2.wilbury.net) Received: from smtpclient.apple (gw-upc.owhome.net [188.167.168.254]) (Authenticated sender: juraj@lutter.sk) by svc.wilbury.net (Postfix) with ESMTPSA id 127F845CF6B; Sat, 31 Jul 2021 15:10:48 +0200 (CEST) Content-Type: text/plain; charset=utf-8 List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.100.0.2.22\)) Subject: Re: How to Force Packet Traversal Order (IPFW2 => PF) From: Juraj Lutter In-Reply-To: <21339cbe-59c6-5b07-bf8b-8e8612ba64da@grosbein.net> Date: Sat, 31 Jul 2021 15:10:47 +0200 Cc: alfadev , "freebsd-ipfw@FreeBSD.org" , "freebsd-hackers@FreeBSD.org" , "freebsd-pf@FreeBSD.org" Content-Transfer-Encoding: quoted-printable Message-Id: <741DA620-C7E0-4B9B-BC0A-FE1020D80D4C@FreeBSD.org> References: <21339cbe-59c6-5b07-bf8b-8e8612ba64da@grosbein.net> To: Eugene Grosbein X-Mailer: Apple Mail (2.3654.100.0.2.22) X-Spam-Status: No, score=-0.8 required=5.0 tests=BAYES_00,KHOP_HELO_FCRDNS, SPF_HELO_NONE,SPF_SOFTFAIL,TW_PF autolearn=no autolearn_force=no version=3.4.5 X-Spam-Checker-Version: SpamAssassin 3.4.5 (2021-03-20) on ns2.wilbury.net X-Rspamd-Queue-Id: 4GcPlk4CVXz4TQV X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-ThisMailContainsUnwantedMimeParts: N > On 31 Jul 2021, at 10:17, Eugene Grosbein wrote: >>=20 >> IPFW and PF startup order definitions are in this files >>=20 >> Code: >>=20 >> /usr/src/sys/netpfil/ipfw/ip_fw2.c >> /usr/src/sys/netpfil/pf/pf_ioctl.c >>=20 >> I have not sufficient skills to editing kernel level files >> and tried instructions below but i couldn't changed that order. >>=20 >> I am stuck on this for weeks my mind gonna blow >> Any help would be appreciated at this point.. >=20 > You need not to edit kernel sources. AFAIK it is possible to achieve = what you need > building custom kernel with ipfw included but pf not included to the = kernel and loaded as module. >=20 I wonder if some tweaking using pfilctl(8) would do the trick. I don=E2=80= =99t have any pf+ipfw boxes. otis =E2=80=94 Juraj Lutter otis@FreeBSD.org From nobody Sat Jul 31 14:10:56 2021 X-Original-To: freebsd-pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 8817212D5956 for ; Sat, 31 Jul 2021 14:11:07 +0000 (UTC) (envelope-from ian@freebsd.org) Received: from outbound5c.ore.mailhop.org (outbound5c.ore.mailhop.org [54.244.192.240]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4GcR571vpjz4Z1K for ; Sat, 31 Jul 2021 14:11:07 +0000 (UTC) (envelope-from ian@freebsd.org) ARC-Seal: i=1; a=rsa-sha256; t=1627740660; cv=none; d=outbound.mailhop.org; s=arc-outbound20181012; b=L7QjVDWhb8zVuDCba2ADxRl4CGfgTX8TTtWOT6KB3t8lITCmljNpxxcgaugBnUexvnnWcI009mr2W WrwTkR4uWtpvi61FSDzm2NaSkBfNBwBVDOkFrdWmD2k97r0D0EUS2JAcCD7MBDfKddvKsxbJvT/ydJ E1O/ada+aUNojokLglN3MHtaXqypvI3oZ/8yUQLBu3lu+byg++h3btNfzVlo8xVtodcUDJ3XnD76Rd OFlVKHbyu9x/h5QRqkvsBTPewMm0XUjIv7XIRh7CkZqWryKlqIruACjvm0vYjA0faIq4ezoJck1Aid XCpzM26+xweL7gIT2BhvX1az3+4F8lQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=arc-outbound20181012; h=content-transfer-encoding:mime-version:content-type:references:in-reply-to: date:cc:to:from:subject:message-id:dkim-signature:from; bh=pQKnbUAMzuS7j/mlUGvowN+Y5YzqYyrnWlmSHMZYQS0=; b=OXQZfKYLT4mFFNkEZwaGlFrNakT//8NrkrffawvpIbYx41l9ZYYcKyyv9De+Z+Tixgjf16eFTIEbO wCrOPRhBPmjvtj0hnrKXvcv9xNBLVEZKxTGZ9tSQCZrQN8jjMTUprFgJj+l9Hz1VXXURpKnsrsBOiP gZQZbASwfyXlJRA+B/Xs3vjrRY6BbjQAwTqckg3PcRwbp6RRpuWXnDuzsw7BpBo3jGPv6f39R+DUFN iugFs8vmgiJqof4BJTimUswimUwSV3PM1CTReT/P1MMMXSUNrDz8w4sL70OTLDEjIat5DXM+730mUe +BGD/tLddqqzWLItd5fxUo4q6qCfrhw== ARC-Authentication-Results: i=1; outbound3.ore.mailhop.org; spf=softfail smtp.mailfrom=freebsd.org smtp.remote-ip=67.177.211.60; dmarc=none header.from=freebsd.org; arc=none header.oldest-pass=0; DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=dkim-high; h=content-transfer-encoding:mime-version:content-type:references:in-reply-to: date:cc:to:from:subject:message-id:from; bh=pQKnbUAMzuS7j/mlUGvowN+Y5YzqYyrnWlmSHMZYQS0=; b=pKbuimp3D+fvud9vagblS9f/7ZENvetM0UXax4NhUWS5csLxWfs0bRWjnoLDHIPqd4ZDS/wkYqfhd 3JrA3UPGPHp/RK5i2VPBf7KxpRPXFUwgRSsH+aYeWILSIUFBJk6LtoOBMdQt1B8QExvTuVraz1kyxf XFc9IasCg+9GN14Tz4oE88Vp6crhtFWlIiVL23jPILLJrFaCAsXCXHKbVYDqz8ZVNCZ33JAjFRhsS6 1f2kisGr+vO1DrgWof9K3TKHxIDVhXohKbEkPZvoCfF7Qum2pxIhM0BhInv6AwlTlYJ8eyB2x7A0D3 LJvML33b5nMqo8wchLRLl6EJWK8zn8A== X-Originating-IP: 67.177.211.60 X-MHO-RoutePath: aGlwcGll X-MHO-User: 1f8f7e43-f209-11eb-9343-bf9d68d023b6 X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information X-Mail-Handler: DuoCircle Outbound SMTP Received: from ilsoft.org (c-67-177-211-60.hsd1.co.comcast.net [67.177.211.60]) by outbound3.ore.mailhop.org (Halon) with ESMTPSA id 1f8f7e43-f209-11eb-9343-bf9d68d023b6; Sat, 31 Jul 2021 14:10:59 +0000 (UTC) Received: from [172.22.42.84] (rev2.hippie.lan [172.22.42.84]) by ilsoft.org (8.15.2/8.15.2) with ESMTP id 16VEAui8064151; Sat, 31 Jul 2021 08:10:56 -0600 (MDT) (envelope-from ian@freebsd.org) X-Authentication-Warning: paranoia.hippie.lan: Host rev2.hippie.lan [172.22.42.84] claimed to be [172.22.42.84] Message-ID: Subject: Re: How to Force Packet Traversal Order (IPFW2 => PF) From: Ian Lepore To: Juraj Lutter , Eugene Grosbein Cc: alfadev , "freebsd-ipfw@FreeBSD.org" , "freebsd-hackers@FreeBSD.org" , "freebsd-pf@FreeBSD.org" Date: Sat, 31 Jul 2021 08:10:56 -0600 In-Reply-To: <741DA620-C7E0-4B9B-BC0A-FE1020D80D4C@FreeBSD.org> References: <21339cbe-59c6-5b07-bf8b-8e8612ba64da@grosbein.net> <741DA620-C7E0-4B9B-BC0A-FE1020D80D4C@FreeBSD.org> Content-Type: text/plain; charset="windows-1251" User-Agent: Evolution 3.40.3 FreeBSD GNOME Team List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4GcR571vpjz4Z1K X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-ThisMailContainsUnwantedMimeParts: N On Sat, 2021-07-31 at 15:10 +0200, Juraj Lutter wrote: > > > > On 31 Jul 2021, at 10:17, Eugene Grosbein > > wrote: > > > > > > IPFW and PF startup order definitions are in this files > > > > > > Code: > > > > > > /usr/src/sys/netpfil/ipfw/ip_fw2.c > > > /usr/src/sys/netpfil/pf/pf_ioctl.c > > > > > > I have not sufficient skills to editing kernel level files > > > and tried instructions below but i couldn't changed that order. > > > > > > I am stuck on this for weeks my mind gonna blow > > > Any help would be appreciated at this point.. > > > > You need not to edit kernel sources. AFAIK it is possible to > > achieve what you need > > building custom kernel with ipfw included but pf not included to > > the kernel and loaded as module. > > > > > I wonder if some tweaking using pfilctl(8) would do the trick. I > don’t have any pf+ipfw boxes. > > otis > > — > Juraj Lutter > otis@FreeBSD.org > > > I wonder if netgraph+ipfw might be a better combo than pf+ipfw to get round-robin load balancing. Or if not that directly, then maybe netgraph could help force the ordering the way you want. -- Ian From nobody Sun Aug 1 21:00:58 2021 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 340991347900 for ; Sun, 1 Aug 2021 21:01:03 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4GdD7Z6hQTz3j98 for ; Sun, 1 Aug 2021 21:00:58 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B0634134A8 for ; Sun, 1 Aug 2021 21:00:58 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 171L0wQ1013480 for ; Sun, 1 Aug 2021 21:00:58 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 171L0wUw013479 for pf@FreeBSD.org; Sun, 1 Aug 2021 21:00:58 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <202108012100.171L0wUw013479@kenobi.freebsd.org> X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@FreeBSD.org using -f From: bugzilla-noreply@FreeBSD.org To: pf@FreeBSD.org Subject: Problem reports for pf@FreeBSD.org that need special attention Date: Sun, 1 Aug 2021 21:00:58 +0000 List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="16278516584.bBb26c.12032" Content-Transfer-Encoding: 7bit X-ThisMailContainsUnwantedMimeParts: Y --16278516584.bBb26c.12032 Date: Sun, 1 Aug 2021 21:00:58 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- Open | 237973 | pf: implement egress keyword to simplify rules ac 1 problems total for which you should take action. --16278516584.bBb26c.12032--