From nobody Mon Feb 5 15:14:39 2024 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TT90H5N4kz58NXp for ; Mon, 5 Feb 2024 15:14:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TT90H4LKSz4DNX for ; Mon, 5 Feb 2024 15:14:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707146079; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lmASiIkmLD3XnjYQyWSnDieh+WhvfOvTdNiZ5EpmctM=; b=CAlh3plugR8RFyAJ25WvOMm8imFmqXY7nPdF+WkM0+yZhMFAs5+ge/cFYUd17NPQRY6Q3B PH2PoU5GAr8K2Dft77WZWntLD2fBZ9u1PO6Sm0giHnQRXXvV/4JYko3ZL5UNG12A0LGfpz w+m8IB7KWuOjiWS1I/fC3oWbKA6VlPVXtm7Ks0fyy/YAxB4kdrg++zPT9lje18XHaZq5p1 b8LADSlTFgIBHrz/7v7314Y0i28nD8MGdDo77V2Axtc4DaVtjytGDwaukC6h/5YGmFbkoo RE5YI3mtHq9x8/71QrkBU6/BIBLYga0hll+F1hztEfCPKLfq51US+44hJxUlaQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707146079; a=rsa-sha256; cv=none; b=oVN41hkz6aAEmsOWK7n7haVw453oLZtAD5mp0bBklmnO3RrA892M0iySFjIgR8A0Rwm3kI ZW/BYjA+knuAg5Jnwe21PzBEWExN9kIS3/tK3TDp65KVGLo17CGMnJBGiVnddMtsC3+xnW L63hhNUwMGIRJ+tFQKDrbCdnsRX4xRH/S+Mj7rcsYbdd0SB8EMmPJc04NKm0psUd89kKGq j7bEg4bFQ+Gy6mqRQjXnLR3cKs7vUOs+BI6lWMVEiZKFaEsWLNUusnMk3R1/+v9Rz9tkZm yM715o1WWr7QfMUDKoLm1q7CWPOoDHFG7UoHLfuNRZnmORolTAiC2uFctkENBg== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TT90H3K4Mzm1C for ; Mon, 5 Feb 2024 15:14:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 415FEd2h056660 for ; Mon, 5 Feb 2024 15:14:39 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 415FEdwK056659 for pf@FreeBSD.org; Mon, 5 Feb 2024 15:14:39 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 274310] pf leaks memory Date: Mon, 05 Feb 2024 15:14:39 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 15.0-CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: emaste@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: thj@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D274310 Ed Maste changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |emaste@freebsd.org --- Comment #4 from Ed Maste --- Is this issue now resolved? --=20 You are receiving this mail because: You are on the CC list for the bug.= From nobody Mon Feb 5 15:48:39 2024 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TT9lW3KlYz58S2S for ; Mon, 5 Feb 2024 15:48:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TT9lW2H28z4H1p for ; Mon, 5 Feb 2024 15:48:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707148119; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=huMdKMz35wSpDumVhXNAvF2X6bdJv3e7V6KhPE63+/0=; b=X97ZUuzsFQcQekzoAHg9W9XGSXzUk2DkAw2+diXJB/elr3Uw6J67hK0txP9uHUN4PCn0WE wS/8GDUWBi3jHrOPCMNQDEZK2G4RIjNr4RpgdPYXj6TYjLhzpVz4djMQ5uj2QStPgZjrPX FLKuC+bPDMGQxTGiaQNuFlqnUytfIQtME4XkNusM28kFcZl8rVsrm5CdS1rSqyU5wCizWu XjlIy3CHlCRWkVKerKm9Pn5k/wOQc6q43FO0NXEo/N/ON382aEByD05zmNR8Ugjiy3D5T1 qP9bp8yDTs5Wg0b8rhj9yX12Pq2Gblqr86wbYWU4KKNzKDE7bYlUYDgOHSJY7Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707148119; a=rsa-sha256; cv=none; b=AIeXOHhg56yBGf51gf6KiKnkxvD026T4dXC8wnKrjc+p2z97O7HjTLeC8MqSXywCshWpPl ZICQClLT22CoGRN8n6mdFa3gjxMkMzbRfIHBAjZlcNezZZuQT5gQbA00OyTdl+oxCLdiDN YPYWl4JhZYTcquw3WCPOA3Fj6PXlxS/sW2ZnrBPHE/Y3LB25y+T9UAOBnd2Ys437R2Gv+H ffQXKYtRR6M26q12cSIQN+QXkPeOFg2D8IKFld80I2WsGmplXchO5vFl3c0OOrh4DJGkO4 BH981F4U0loYBnBZR3NwIj6lvXk5eYPzCHqwRuL8hnCn6Wd0jT95yPhN2xzOZA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TT9lW1FVwzmKW for ; Mon, 5 Feb 2024 15:48:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 415FmdEU016707 for ; Mon, 5 Feb 2024 15:48:39 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 415Fmd0F016706 for pf@FreeBSD.org; Mon, 5 Feb 2024 15:48:39 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 274310] pf leaks memory Date: Mon, 05 Feb 2024 15:48:39 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 15.0-CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: kp@freebsd.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: thj@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc resolution bug_status Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D274310 Kristof Provost changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kp@freebsd.org Resolution|--- |FIXED Status|New |Closed --- Comment #5 from Kristof Provost --- Yes. --=20 You are receiving this mail because: You are on the CC list for the bug.= From nobody Tue Feb 6 20:59:49 2024 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TTwc50yQXz59xYy for ; Tue, 6 Feb 2024 20:59:49 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TTwc471wXz4WGM for ; Tue, 6 Feb 2024 20:59:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707253189; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=qYt6n7OKA9jmfRp5kpwSTFaIuiuX6YUaFKCzMK2JeZo=; b=DRrxgz4txkJA1psZKYx2W1jMg9xWJ+BFdsdS5SH+3R3BKUlK52N8vvPqlF59HUrTW908rp +JkolpQEwuYqFwjFFbAv48qYHeXs7XsCtCfMe8behOBBv1yYUKIKYq8wtuMSHAVH9y9O5i oqUfEMe7RDFmqY5nJKAeLCmyys3LkQdpTYbcQaGbzpWB7gQSM0baVwEHqQfJ8CDhA3yA6b aV/hYmvjfCMTTueF3Dr2pkPGKGe6LHD6MvLp476PInHVXb3ohRhfHlKnGQFI2VCe/DXI3g XK/EqngQx8+xN0x7Mvabn82uFc8eMCoxzl2X6OwcYNYIJcZYLh+/Qlr69MDa9g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707253189; a=rsa-sha256; cv=none; b=GCmKja54yIinUzRFjQquiKOADBgmS7SmRivrh1BeDaMGQm1u5e0KuCPyTKBYbQjnU0iriN ip5BY6XtVFDSKqTzWJQEU5CQTMkw2p2I7zlGWvC2UO6xgP/akx+to5WEHh60Gc7f1BOMav ZwVB0aqK/mgpdjfhWJg2zuyIc2DHKEWCd/QkZrfyA3pb63wDjRpA3BJHK7wgSmQENwHISe /lc4oCYXQ1d0vD2PMo/X2J0DVRUYkk9QSdAoe1sBEIxp0AAnjTec84IepLSvl3aNvIl7Rd jPClJltVVTbbC0mDdFp4Z6C4LDNhudaPZ3YwxXTesIC240tvARrgo76JqYMKYQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TTwc466BrzfJx for ; Tue, 6 Feb 2024 20:59:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 416KxmMc085683 for ; Tue, 6 Feb 2024 20:59:48 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 416Kxmmi085682 for pf@FreeBSD.org; Tue, 6 Feb 2024 20:59:48 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 276856] pf no longer re-assembles fragments by default Date: Tue, 06 Feb 2024 20:59:49 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 14.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276856 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@FreeBSD.org |pf@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Wed Feb 7 08:55:54 2024 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVDVM0n7Hz599MB for ; Wed, 7 Feb 2024 08:55:55 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TVDVL69k3z4rbH for ; Wed, 7 Feb 2024 08:55:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707296154; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rPFy6r8Z6rJnrGPyL3f9VO1gvaiHvUC2QNGLa371jVk=; b=p4vxkTE8baGymhrk/tP2I72SXUyUZZRs42qzLXwq7d5DjVspjSGWiI1c5z3+WIIN9NbluY /4oopbyEud+2Y69a4Z1cwsTPejNF8bXDznRewrevIpo227DWC0xcMm+DuyTmWyZpkOiUT8 FQ/FX1opOFHd/AC9cqXewp0pKXJ3pZ843waQONvX6s+ImEyJTulQkxPvTC8F5lX7wSs+tL NDVYeAuUVFgYdXpFoGRIRFavK4arAibB2tUpZpdxcO1OrwikF9wAu2XM/L6uGtOaTzncVS 5iNQl1lA/Qds5j8moKjicZknKffSaIkM6LHwJVP429y1eCk2f1om7FwAPxE6IQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707296154; a=rsa-sha256; cv=none; b=NVcWgezpkTxw/BZq3SM6p/SjYNDQjT4hyl6xNtHVzo+a8trH/iE49nUoprUuNJyey9P5NA W4bhpTQ6X/xQo6rzYlmfRp9bsz0xk8KBlTgVwat5RVkE8tArdc9iSamkp7a1Hh2+IWdZbm QX+I29IM/6atkiI+tpTmZOEoSRiP6gLxno+94kp9YC3X1fl+x5iJ3fw2RkHhfoFA73PkOQ +m05xISyGPqIf8I27K430IVZLCLYI9Lwg0kHUm/MAcOVscSgCrR0PWz5sbSPcSw4Mdk4WC VEHq1wzKBzDL21aVwWxDJtIF+qIifQ/N0VMp6WI3aUCRnNl7nSS9mi/a+D4i5Q== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TVDVL5Dglz11Hw for ; Wed, 7 Feb 2024 08:55:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 4178tsmK046618 for ; Wed, 7 Feb 2024 08:55:54 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 4178ts7b046616 for pf@FreeBSD.org; Wed, 7 Feb 2024 08:55:54 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 276856] pf no longer re-assembles fragments by default Date: Wed, 07 Feb 2024 08:55:54 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 14.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: michal.os@hotmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276856 Michal Scigocki changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |michal.os@hotmail.com --- Comment #1 from Michal Scigocki --- I've been able to reproduce this issue. It happens in 14.0-RELEASE and 14.0-STABLE. It may be that pf is not processing (possibly dropping) fragme= nted packets by default. But I haven't checked beyond my ICMP example. This does appear fixed in 15.0-CURRENT, but you would need to check 15.0, mgrooms, and confirm. To reproduce, enable and start pf and pflog, use this pf.conf: block log proto icmp Then send a ping large enough to be fragmented to the pf host from an exter= nal host: ping -c 1 -s 2000 pfhost By default, in 13.2-RELEASE and 15.0-CURRENT, pf will log the blocked icmp request as two fragments. In 14.0-RELEASE and 14.0-STABLE, nothing gets log= ged. A regular small ping that doesn't get fragmented, ping -c 1 pfhost, will be logged. To log the fragmented packets in 14.0, you need to use "scrub fragment no reassemble" in pf.conf. You can log the reassembled packet in 14.0 with eit= her the "set reassemble yes" option, or "scrub" or the equivalent "scrub fragme= nt reassemble". Regarding documentation, the 14.0 pf.conf man page is missing the "set reassemble yes | no [no-df]" option description, however it is mentioned in= the 14.0-RELEASE release notes: https://www.freebsd.org/releases/14.0R/relnotes/#network-general . The 15.0= man page has the new description. Also the pf.conf man page on both 14.0 and 15.0 for the pre-FreeBSD 14 scrub ruleset directive specifies using "no fragment reassemble", which does not work, "pfctl -n -f pf.conf" will throw a syntax error. The working syntax is "fragment no reassemble". --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Wed Feb 7 10:01:20 2024 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVFxr54wcz59Gsl for ; Wed, 7 Feb 2024 10:01:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TVFxr1lL3z4yy3 for ; Wed, 7 Feb 2024 10:01:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707300080; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=k7wjO8y4K4K/gJ9cmz21g0FOg7E/yOy5XhERyf8ZBrA=; b=V3ln6zaziMynVR+m945WM75BogNW6gvMgX8iVdCY0MYb28x9MKA50DBKRB7awQYG1/6IPR s77SHiBT5k0N9GPj5SiLli/+xBZnRZiJO3ZcK+CNmN0gniVZXXZ2ljMYXwTOQNH7VmriSn Vb/q1v6Nhu2e4TuxLOP08NOOksW1YljJh7Q+MJy9Px3dpHZ5RnJzNrEhgYMYwfYP+A8GX1 u4ILuAUQ8XGKqBVRQO52PHsNB/+PUvuAEFGmxFw3pdYykOdwOy+9eNw9PnBCUEM0rpisha RUUEkroF3x6vgCI0RzA0vjxhA5/x5Tboiz/UGhmHE6TLevW7tnK5X4yZ1UJg9g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707300080; a=rsa-sha256; cv=none; b=Ylzv4BWnd0+p2g5bXBHwRYNQiXjhPKNDpRwCza/4/Y0k1IN951x7UKlnFPUV+NzWZCeaiH SUoapPzRczH0YJKhO0joYm0uYwaDXjuDaFujX3LhWCH77+Tn/G31BVhggQPEiDM/IVfD38 5E4uKpZm0PPdru1+D5jhd5JIt5PfL/aj6G9V3XyiCDl4n7Fn7PFHHWzuJiW2T+5lTzgqNY xpzI+8PjzQnJ10JTeTOHjpNttaV8/S2K0expkjSTT7aMzSsR6+/sPZyvNRbBKsVuVol4Ev xz/n+rWzG1VT0Vsctd7cr9rn//ENLHciaQ/4mnSsBM8otxej4fV/XS5ddLwUyQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TVFxr0rRwz12q8 for ; Wed, 7 Feb 2024 10:01:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 417A1KLg068957 for ; Wed, 7 Feb 2024 10:01:20 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 417A1KmH068955 for pf@FreeBSD.org; Wed, 7 Feb 2024 10:01:20 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 276856] pf no longer re-assembles fragments by default Date: Wed, 07 Feb 2024 10:01:20 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 14.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: vegeta@tuxpowered.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276856 Kajetan Staszkiewicz changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |vegeta@tuxpowered.net --- Comment #2 from Kajetan Staszkiewicz --- You might want to consider using the new OpenBSD-compatible syntax. Instead= of using scrub rules, which are evaluated statelessly for each packet, you can enable fragment reassembly with a single "set reassemble yes" option at the= top of pf.conf. There have been some updates to the man page to better describe the behavio= ur change, I don't think they got to FreeBSD 14.0, though. You are right, though, about behaviour change. The problem is that if scrub rules are not present, new syntax is in charge, and for this syntax the def= ault is to not perform reassembly. The comment in the code is quite clear on the logic behind it: we expect people to still have the old style scrub rules in place.=20 I've just missed the fact that scrub rules reassemble packets even when they are not present (Do they? I need to check that, I never relied on packet reassembly in my systems.) I'll talk with kp@ how to address it. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Wed Feb 7 15:19:22 2024 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVP0p4SBhz59YR7 for ; Wed, 7 Feb 2024 15:19:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TVP0p3Qg5z4Jvb for ; Wed, 7 Feb 2024 15:19:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707319162; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=JFg0WbVT/UMVgM3GBwKcx8Zsa1IgkuoA2mWW9XsCJw4=; b=OvNUHpQu2T5gH/ukTIbcOzV5rYk7k0vhrZ5S9dJYN9CU5I2DNbGBAr9cGQAYxoaA+cJy09 t+l4WFzh/IbMwhmd6SGyeUmaLqWjq9PL5S08WSj25mX4pg/8KKb2VnSJZTULlr3+T8SbW0 rf62No9lqiGaEgJccW6EvB5eVEEkp/pefoMeFT83omxUbrexPgscfPVqU5FfIAJhHBGmX5 dPF0dGYSUdqEmx2/GjUXJxlp3SkEk4kIEckN4nyOd+xyRCODbFldviCmsw2rl4spKyRaPo VEePplMNznJVcwfduqw8VXiRKBCcXxI4iM1BkMu3X73AAJ0Z6RFVmAfBGKvv6w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707319162; a=rsa-sha256; cv=none; b=htcA8WAZ78dt1Y0yzH79b0OHwEZh0QjDB+fdOEMCpN/hugByNnB/MVSHA0CIVcCqGJG0Kn OktWXEs9hqL/D0STp/2orH6Umfajeir8+jcAp45h/vIqMHt9dc18pElmhV/llQM5ZAezoG MZDnvXLOAIEgDUdDxTypb2YPR0I4YEc9aMbR6XoK1+/7qQaW0KVd2BEBIuJmoIwTlXp3Sg ZsGy/XwWHAisfuVAPNMXeSo/oxy+S8he7qHOcGriBTiSaiZoVfkNCKYa6FZ5RPhJOrnrZ2 OHGkzALHmprv2fUCr1h62J3HrOnE1iv3W6fN357ivZ7jsOoXTgXRa0CEusRxbg== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TVP0p2VHBz19YP for ; Wed, 7 Feb 2024 15:19:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 417FJMLh047025 for ; Wed, 7 Feb 2024 15:19:22 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 417FJMHh047024 for pf@FreeBSD.org; Wed, 7 Feb 2024 15:19:22 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 276856] pf no longer re-assembles fragments by default Date: Wed, 07 Feb 2024 15:19:22 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 14.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: mgrooms@shrew.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276856 --- Comment #3 from mgrooms@shrew.net --- I appreciate the pf work on FreeBSD. I've deployed it extensively and use it daily. There is nothing wrong with the new default behavior from my perspective. I= t's just going to bite a lot of people who upgrade to 14 and rely on packet encapsulation due to crypto ( or other use cases ). That adds overhead which will causes fragmentation. The case was handled by default but now it must = be explicitly enabled. And, since it was the default, I would guess that some users didn't know the option existed or what it was doing for them. Having outdated docs doesn't help. I wasn't aware of the newer pf syntax being implemented. Will have a look o= nce the documentation is updated to match. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Wed Feb 7 19:31:39 2024 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVVbw1dT8z59wnw for ; Wed, 7 Feb 2024 19:31:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TVVbv6g6jz4tgj for ; Wed, 7 Feb 2024 19:31:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707334299; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=GBqUSzONt/GJdY68XDVibA8472oN7ELfOv1D8aQRPqM=; b=coWDTO73EHw16n9KzWjmVLFj3AXNSppAEyXoNHq+2FjBcFI4n51ZhWJzxm6uuiOoBCJf7q Hoc3TXtd3Ci2S2D12IjkmsmWroCSVydmcGy3HtpiTamkX8LeovP+kSsDn+ARFs/UZnQZE1 RChhn7yKEE591FqLfYzy+zhG3KK4+0nTbjP9igqrDAfzuN3TVCIHz8HvBDykxp+7eDBjG0 dsgyhfNBclF7ZJUG67QHi4PG3cwmVgKDSNRxoOF0wdAJYfhFm5ObaFXPRMyFKNb7lzYw7d 3yGcwZxirM1utcj1lAIr79+EY8wOIsquK36G+tgWZPtsQ3gnYNBlgCJ79HN29A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707334299; a=rsa-sha256; cv=none; b=E3bxIozbiBBuK4jBGboR3Z8CmyNP9ULVENMT8dMryKYhAPufUuKzsUpJ04rt9l8VNGwP6H PVDIbD1qk3fh4+KI7Oom4yEHe4I7GbGQ12eDe5LvpeldWRGwnlaW3Jibv149lWS+lsVdV8 7qqOfK3tDXD2tYe6CAT0xOaTuz25aaiYodBGbnxqbcVMEoRa4y6wYxcjO98V6Hiz3dGKy3 4Tm4w4oXMbUQ5FOY4O1AF9y/0oyhM/Jyb5oRjB8obHE0Sd91h0wyEgxtv03Zqd0n9yARij HvhE2Z/xOyWG+VhonfXLJgHrvnzpxJoCcuawrYVb5yt7idhIwgfFA/vHq1S4oQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TVVbv5mJZzKPZ for ; Wed, 7 Feb 2024 19:31:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 417JVde2085069 for ; Wed, 7 Feb 2024 19:31:39 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 417JVdu3085057 for pf@FreeBSD.org; Wed, 7 Feb 2024 19:31:39 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 276870] mbuf cluster leak with on pf+bird2 bgp routers Date: Wed, 07 Feb 2024 19:31:39 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: glebius@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276870 Gleb Smirnoff changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@FreeBSD.org |pf@FreeBSD.org --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Wed Feb 7 23:37:28 2024 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVc3Y16ntz58Kr3 for ; Wed, 7 Feb 2024 23:37:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TVc3X6Xgvz4R2h for ; Wed, 7 Feb 2024 23:37:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707349048; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=PmVJdqHj6bHRdlq8++Ls9mhZpdFddkxzHk/wVdEB1u8=; b=PcsPgMp/iDIfqfOEXOVolV7O06qK6iWVSp0Pz413fd9xPnybmGnOMhXv+nTFxzJNSblt3U 2yl7TI9d2zmyODS0EWtoq+a6Xm/S+k/AFGm1sw0ldQVqON9BuZuWdd4TBXiw/rcfWbh5KF N42G4BO18FSfRjQfiE4Y+3cEcD5nRHPJSJNISdbprMPZ0hLMXhtA78RfL6ntWvSvuSrQH4 c3vPtCzpRdBNdoSLC9rJpb7DJuhk6r91MHTwB3C18HcbHHQhTViguIL2PHHFN8e7ycQH0o zt/aWgoqIWBeAx8kWcsnp89Dl0LgYMG8xdUHXspcerNYOVdnlGoFswdoX8Lxcw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707349048; a=rsa-sha256; cv=none; b=dTmCEpOUTYESQ7VSK0eNnKIm5KFoBYkM7odlJ0kt/6SYPvJ23haoyyvaLYkamWyBauzYUU +mOx7ePdCukEwgQpfy43Mxi+iNaDWYaJXzT5orc+HCmqEavfkneaZSUFFgOGd4p7MKqQya ucSL/UDTpDExjFW2Wdj/Pa9TaUebMeAAMKVM78zi0zkBbOsIFO/KthU0SfLqk9pJn/48s1 xduOJXCYQyxYIbuxOIz5YXtL/asLSgMsN6vYfvf69/oAApocJ6EJzA2G+/lNbz87/6dDtL r/HhLR2ur/IZZvL2zbm6FD/V4QUFBCJuUtJ1+fL9f+OdjLXbwOiV5MfRMSk/Kg== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TVc3X5X9jzRPf for ; Wed, 7 Feb 2024 23:37:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 417NbS0J016180 for ; Wed, 7 Feb 2024 23:37:28 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 417NbSOG016179 for pf@FreeBSD.org; Wed, 7 Feb 2024 23:37:28 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 276856] pf no longer re-assembles fragments by default Date: Wed, 07 Feb 2024 23:37:28 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 14.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: michal.os@hotmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276856 --- Comment #4 from Michal Scigocki --- (In reply to mgrooms from comment #3) What version of FreeBSD were you using where the default behaviour worked w= ith your IPSec flows? And before you added the "scrub fragment reassemble" config, did you have a= ny "scrub" statements in the config, or no "scrub" config statements? (In reply to Kajetan Staszkiewicz from comment #2) For FreeBSD 14.0, I think using "scrub" rules may be a work-around to a bro= ader issue. I think pf in 14.0 is not processing fragmented packets correctly. I tried another test, using an empty pf.conf (default pass rule). Monitoring the network interface with tcpdump, sending a large ping (2000 data bytes, = so it will fragment). With pf running, the ping REQUEST is captured on the interface, but the host does not REPLY. If I repeat this with pf stopped, I= get both REQUEST and REPLY. If I do the same test on 13.2 and 15.0, I get both REQUEST and REPLY with pf running. 14.0 is doing something different with the fragmented packets. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Thu Feb 8 09:35:08 2024 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVsK82plPz59N0T for ; Thu, 8 Feb 2024 09:35:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TVsK81LSsz4bKB for ; Thu, 8 Feb 2024 09:35:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707384908; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=DD7npzu71oLZ4KmsLN98lKHX3MmMWsdCriCfRFBqcAQ=; b=AUmo0B8ZnisTObc0A+1Im1fo3oQq8crm44ioWAMF4llvx/UCV8miIj0XLg08w/+o4Fjo/s y7rG1sme5ezUa9dCy2ojZ8MVlW4fe6BA4ju7GiQOzX2yu6Vzi6GcARTkWNQKBAkFAwGgM8 t/YeQBGgAM2etoy4wUa9MMvOoWsgGonfx7JnD9US1g40PWLWENbek32qPh7x+EyetyRyoB TrUW2Vrgc+kvd2QS8uYO8pDJ5kiRInK1XHEbuYXk4BV1bmve3RmbEYSrknCw1AjTSQG0YK AmxyqNqJEMSbi/TQDtb/MMY57eHYXAVjzwGE0L1EEITu/g0tBST1Bt6CtwDKog== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707384908; a=rsa-sha256; cv=none; b=evKr9z+4qul7zcBjkQAdhCYGiJqh4jbtAriUEX0sUbUEpP1ZQP2sRRSufYtPNtJwMzNl9t DuYTSY0DdRLJjcFVM5+gLbeUPB4xVQ2T3s87OzrZTX8+T3sSsCVSeTmVS1VUBAJt89reix frb9QK53w0hVAQmZkICM7zNZyopYCOUV4WwN+khSXx6tv0zYImB9I5a2/Sov7jiNAHntRs pWCFNuorDmYE6u4GTs6D19hhOeGlYwPvl5McA5kRV94jjkooi+zjHMQAfeVJE4SzQnu+Bt wS+13XGkWjzrUQUNe1pZsyzAb8RTuEHJ4DeKS/fbCKvdkAQZ8JXBV2/tqSPmEQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TVsK80J94zl8X for ; Thu, 8 Feb 2024 09:35:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 4189Z7fE011962 for ; Thu, 8 Feb 2024 09:35:07 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 4189Z7al011957 for pf@FreeBSD.org; Thu, 8 Feb 2024 09:35:07 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 276619] pfsync not synching all states from system running 13.2 to system running 14.0 (pfsync0 set to version 1301) Date: Thu, 08 Feb 2024 09:35:08 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 14.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: vegeta@tuxpowered.net X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276619 --- Comment #5 from Kajetan Staszkiewicz --- FYI: I was able to replicate the issue in my setup. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Thu Feb 8 15:01:50 2024 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TW0ZB5v8Sz59rf5 for ; Thu, 8 Feb 2024 15:01:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TW0Z65GmQz4Ch8 for ; Thu, 8 Feb 2024 15:01:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707404510; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=eSID0vO0F1NfTCaHk+LHIZt4cjunu0a0A62wUZsHeeo=; b=CTn2uaAxIuzB1/bUM3O8PuSWZrCdCPYgLiR8+3X8Xt+3iFrTLxq9lMgLLUTnXZ3zROfmCv FOp7wqVg7Z00skz2yKmxENE6M3PYaKmzrpfpeq/QvoJodUsfqmDWBoTW1J3po0fkt673Bu 4DQx6MXnDo0LdH+HSyTcmPaoYNmrp47rxAsNyFw51qiyFltHPDREBr8Rz8kDAhVp9GnfuR 9mPP4xsAozUmpZ3ox+yZmB2Ya5VOubalrwJbDaYm2R+crIvESb6OItC+CVnrD5c3voznim YtfIUdjjhNkuZTTn8hyOJ1aBpBjDBYc1aBa1T/mHFn2W0UtOw51MaxGYUT0GOw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707404510; a=rsa-sha256; cv=none; b=AajQ2PFGirsdPQ1XOiaEYvo8/NDwLDvNscqaru6vB7O9dYtqeEJa5ZLMB6REdkNVQQVB8W 0xPbhmqN3xjCHhiG0FY5SbwXpbwR7pTxpR4EOGJb+tfkAZdOWZ3ywOFgTMiQqjGa0ZNlBC 8vvJQfl034VSHvJ3dgv3kChBMdL+T2x0NBAJpxeJdoYXiJhnRd6rfTElRFQRb721sPN/sU E7lASW6Yj7S5i2ARbZ9YqXPcgEC2IubGt5yXw4Q60r2SpIS67eCZj58lXUpu+EcS9HFy2B m/2wnc+CmRSBqAOM339fo90UbSYuV7Sg/i/V/DS8agnPq62HjbUsVxMibaAuSw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TW0Z64Nk0zv5X for ; Thu, 8 Feb 2024 15:01:50 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 418F1o4o057875 for ; Thu, 8 Feb 2024 15:01:50 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 418F1or7057874 for pf@FreeBSD.org; Thu, 8 Feb 2024 15:01:50 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 276619] pfsync not synching all states from system running 13.2 to system running 14.0 (pfsync0 set to version 1301) Date: Thu, 08 Feb 2024 15:01:50 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 14.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: vegeta@tuxpowered.net X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276619 --- Comment #6 from Kajetan Staszkiewicz --- Created attachment 248264 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D248264&action= =3Dedit Use union member's lenght when calculating offsets in received pfsync messa= ges. Can you please try this patch? --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Fri Feb 9 19:43:52 2024 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TWkn64FrDz5BDDQ for ; Fri, 9 Feb 2024 19:43:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TWkn61c06z4pjl for ; Fri, 9 Feb 2024 19:43:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707507834; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=PE557s7p6cK6y9nEVmR8jvfDZ+IhYpnfFfw4x5b6/E8=; b=HoRzf69HyJmqFsNnL8Ait8te9PpwIWNEplZpFrxuScrfIX4Lz3Ea8EnZmvACvdPozo5DKT YdomRRhJsx6TNIQa5KMgHYjG2p85KUFWGjTJjnAodccNWfccLpsRpLUG4iH0dlhZKqFJEt 8No/aGsECj06Dd6IaYq/y052FFuUlVvHOAVxFWvFMzE0I6uhvahkpeCtr6evxsBIbV8RU+ FpTTmF4Lh6RKijCtzPlSzfCkRZ84B1ALlAOf47MgGFm9DiuJW0HuzdAG0wA5BC8iginJbL D1A/qfwrjP+Oeb0dciJASaOEUNF9VDD1APQ2iwvZ0V6rQVOX3F8mdcUid/rsZg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707507834; a=rsa-sha256; cv=none; b=KShEUCchZeo8DzIJvFI0kwPH6hmapZRUVA0hVf7PH9lQJCIv/0YSO+veMZXm2iWPjOsuNL hWEaON1LdgbOKMhHXjlpQVRfIMUg/pj0V8TAli+P+4wUbDF6TSZA4tDkk5OoT3Nz/xExgR y87XCJD3FMkkYBa0jQt5ANvRQlZJFKPL12997HSF5bzBMmcCb+k0dnSNRJXfvQYx+gc/Cl MEhcQ0z/eh/m6IFaPsWviYbSrriQKzrGWEsBMaM++PutCWmuMjmvh/Oli42RzsTZ231FcX C/MMQFySThXyvvXxM/WeaD0NVAPeL3twveI/yMkj8LIF4fpFdpgCJ+YBk7R6Tw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TWkn60gl6zm47 for ; Fri, 9 Feb 2024 19:43:54 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 419Jhsgh014712 for ; Fri, 9 Feb 2024 19:43:54 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 419Jhstm014711 for pf@FreeBSD.org; Fri, 9 Feb 2024 19:43:54 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 276870] mbuf cluster leak with on pf+bird2 bgp routers Date: Fri, 09 Feb 2024 19:43:52 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: markj@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc bug_status Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276870 Mark Johnston changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |glebius@FreeBSD.org, | |markj@FreeBSD.org Status|New |Open --- Comment #2 from Mark Johnston --- Gleb, based on the report this sounds more like a leak in the routing socket code, no? There's no mention of pf except in the bug title. > I at one point tried adding the missing kernel export filter (as to at le= ast silence the noisy warnings in the logs), and imagine my surprise when t= he mbuf cluster leak stopped. I'm not too familiar with how this works - does this basically install a bu= nch of routes in the kernel, so most likely you're hitting an mbuf leak in the routing socket code? This may be fixed in 14.0 by virtue of having reimplemented parts of that interface using netlink. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Sat Feb 10 03:56:18 2024 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TWxjJ4tTqz58ljp for ; Sat, 10 Feb 2024 03:56:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TWxjJ249zz4tRb for ; Sat, 10 Feb 2024 03:56:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707537380; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=RP1W4l9HrG2JCEWkXrHShtoJwpov46N8OFtD0sbUwsk=; b=KKaKAG6P+O4oN0qzhuyB6KyoQeHBgs3wrwIw8rz4VBlbYlfgZ/GwcZEREoRL2+ua/IkSKZ iwK0fqnWoESlp1xE2nJKime0AmNCgGCOBwCOshtVXXBOZHtURcSYS8wObC5Bh5QiDX7L+F V+S6rqAkf3WyVTZILmo+tocySWYtaRZ1/j7hbbs+Z30D78w4mHuwIo1FkkIPsW3sCOH7aj VWFIeBYWLfXloElk+/3QYK8n/6cUxTZwR3yx90OsEg9O+D+xAeL7KLHnsJilI2euW8MsjI 3dOaFBfaahX8Pcto8x27jcECd1IKYFZK7u8Zg/7nFTT2lgkyPgA3PFCeaAVyfA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707537380; a=rsa-sha256; cv=none; b=XMr/pRPN2hnuk6dPdJDK8vDD48wQD//KxhQVUh5OAeXtYHxm1+XyslIREFUCPR5tiQ740S ft/G28M+gTOgWT/VcpGZTen8UzQuTgRhG8N8Db31EkJd35gF9qhfXlm2xFL2qcwAfqloLC hvl8qZKpdQnEoAumPKrByjz18agUxHaBON5uHPN/EMzL0QwdhyAvYJjyT2v7x8txCc/X4c mtMSgltFaWzjEIgzuCwInWQdaJbw8gO4fc19YlNiIvzJkYnpnOKtC+khuq3OuCxbVrkRY+ sSWm7U7rn7I4BZEXPqVzYNh2T1C0da+a3tr1apI75wxA0dtUJL7jhYUkoq9YoQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TWxjJ12Mvz11n4 for ; Sat, 10 Feb 2024 03:56:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 41A3uKwg000588 for ; Sat, 10 Feb 2024 03:56:20 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 41A3uKWC000587 for pf@FreeBSD.org; Sat, 10 Feb 2024 03:56:20 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 276870] mbuf cluster leak with on pf+bird2 bgp routers Date: Sat, 10 Feb 2024 03:56:18 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: glebius@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276870 Gleb Smirnoff changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |melifaro@FreeBSD.org --- Comment #3 from Gleb Smirnoff --- On Wed Feb 7 15:25:11 2024 UTC, thomas@gibfest.dk wrote: > Over the holidays I upgraded from bird 2.0.9 to bird 2.14, as well as upg= rading > FreeBSD from 13-STABLE-384a885111ad to 13-STABLE-2cbd132986a7. I suspect = one of > these two changes made this problem appear. I made no changes to bird or = router > config other than the upgrades. What I would suspect here is NETLINK. Lots of stuff merged between 384a885111ad and 2cbd132986a7. Thomas, is it possible for you to work more on isolating the regression? Things to check: 1) Did bird upgrade 2.0.9 to 2.14 switch bird to use NETLINK instead of route socket? If 1) is false, there are two options: 2.0.9 and 2.14 both used NETLINK or both used route socket. If the latter, than my guess is totally wrong and Mark's guess is much better. If the former, than we need to bisect between 384a885111ad and 2cbd132986a7. 2) If 1) is true, then please compile 2.14 with NETLINK disabled and check if leak has gone. If 1) and 2) are true it could be the problem was in 384a885111ad as well, but you did not use NETLINK. 3) Check if running with NETLINK on 384a885111ad reproduces the leak or not? (Be careful, as lots of bugs were removed after 384a885111ad) Depending on 3) we may need to run bisection. Anyway, please keep us updated when you got more info, starting with 1). --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Sat Feb 10 07:08:09 2024 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TX1yf4F2Kz5966h for ; Sat, 10 Feb 2024 07:08:10 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TX1yf3DL5z4KxC for ; Sat, 10 Feb 2024 07:08:10 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707548890; a=rsa-sha256; cv=none; b=duzeV79BFdhXCwG/NIVnYCmB6PpiOIT/TknTFdrJljLV+WfcRo/NkQk6z3Ypfrzrk4+3wN 0E2zIj2KIWLXxr/6ISvF989lq3v2UYQnJ9k53OsXJdJde9WQBSXtUUR9nMVvOtGVL9JHHp k8QS1SfjDoUf1xwR/3bsE7StZsvrhMBWJROmDHbgcTn5K3kg72ZHFkeVIiGO4td8T1dDoE f692/k3K2/YnStEzD5WhKhs+U054vrIyS3dnH/gBj7p7b99+uElG3cxTTNEPgwdT1vhc4A SWk1UzLTz9gzodiDa2iqHvJKAkIVVswr+QpDyYJthQwEgbww27u5QSVhAAHqaQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707548890; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ev7wyAoN5yzddIz7DVKkqz4leUZESFMAqrPmnlBFhKw=; b=f3LU4PhENBc4oTW/aj6CKlo01KSWGN45kDfXMDcj1/wgLzFYtdegIivyPAjkswqs0S3mMA SwYtt9bkvslaogXGKGEl1Fs4RtSS+/iyKFqAbssGT12Q4HppyHtoEUbW7vtiotcS1yUJr3 fjk4x260cMX6FkuQcZ5CLJucQI1FxDiuLk+4TMoI23VxQBmACYoUE3BmkxPbXh7mdJC8C9 TIzbQB0ru5WeOlcP0vDtts+y1tRW+IjbMv6UeQmEa60s0Ryxt5lKjQiGt3baJnWuUIZo3P eC91ZOEsao+w2IvYI3MXdUzIAHm8EAslnj+QkKWSk0AE3iTf3RH1ZODrhpJx4Q== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TX1yf2KHgz16Sc for ; Sat, 10 Feb 2024 07:08:10 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 41A78A3k071377 for ; Sat, 10 Feb 2024 07:08:10 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 41A78AlM071376 for pf@FreeBSD.org; Sat, 10 Feb 2024 07:08:10 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 276870] mbuf cluster leak with on pf+bird2 bgp routers Date: Sat, 10 Feb 2024 07:08:09 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.2-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: zarychtam@plan-b.pwste.edu.pl X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D276870 Marek Zarychta changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |olivier@freebsd.org --- Comment #4 from Marek Zarychta --- Now, when we have only FreeBSD 13, 14 and CURRENT branches supported and al= l of them have reworked routing stack with NETLINK support included, bird2-netli= nk is better suited to run on FreeBSD and probably should become the default flavor of net/bird2 port. The transition is important to avoid such situati= ons in the future. Netlink flavor supports ECMP, the memory footprint is much lower compared to rtsock version, and it will run with the same config file, though small con= fig changes are recommended. The user experience with bird2-netlink is better s= ince it can run undisturbed for months on FreeBSD 13.2+ without any observable drawbacks. --=20 You are receiving this mail because: You are the assignee for the bug.=