From owner-freebsd-ipfw@FreeBSD.ORG Sun Feb 19 19:40:35 2012 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4D0E01065672; Sun, 19 Feb 2012 19:40:35 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 2071E8FC1E; Sun, 19 Feb 2012 19:40:35 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1JJeZOE073324; Sun, 19 Feb 2012 19:40:35 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1JJeYJ0073315; Sun, 19 Feb 2012 19:40:34 GMT (envelope-from linimon) Date: Sun, 19 Feb 2012 19:40:34 GMT Message-Id: <201202191940.q1JJeYJ0073315@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-net@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/165190: [ipfw] [lo] loopback interface is not marking ipv6 packets X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Feb 2012 19:40:35 -0000 Old Synopsis: [ipfw] loopback interface is not marking ipv6 packets New Synopsis: [ipfw] [lo] loopback interface is not marking ipv6 packets Responsible-Changed-From-To: freebsd-net->freebsd-ipfw Responsible-Changed-By: linimon Responsible-Changed-When: Sun Feb 19 19:40:00 UTC 2012 Responsible-Changed-Why: fix assignment. http://www.freebsd.org/cgi/query-pr.cgi?pr=165190 From owner-freebsd-ipfw@FreeBSD.ORG Sun Feb 19 23:50:10 2012 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 36529106564A for ; Sun, 19 Feb 2012 23:50:10 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 2151F8FC0A for ; Sun, 19 Feb 2012 23:50:10 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1JNo9xQ007120 for ; Sun, 19 Feb 2012 23:50:10 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1JNo9d9007119; Sun, 19 Feb 2012 23:50:09 GMT (envelope-from gnats) Date: Sun, 19 Feb 2012 23:50:09 GMT Message-Id: <201202192350.q1JNo9d9007119@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: Sergey Matveychuk Cc: Subject: Re: kern/165190: [ipfw] [lo] loopback interface is not marking ipv6 packets X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Sergey Matveychuk List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Feb 2012 23:50:10 -0000 The following reply was made to PR kern/165190; it has been noted by GNATS. From: Sergey Matveychuk To: bug-followup@FreeBSD.org, public@macfreek.nl Cc: Subject: Re: kern/165190: [ipfw] [lo] loopback interface is not marking ipv6 packets Date: Mon, 20 Feb 2012 03:18:13 +0400 This is a multi-part message in MIME format. --------------080202040908010900010503 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Julian wrongs here. Try the patch please. I've found the superfluous code in nd6.c when wrote a patch for divert(4) and was very annoyed this loopback behaviour. For unknown reasons KAME authors decided to fake interface for loopback. It differs from IPv4 code, so, I guess, it should be fixed. But I could not proof it. Your example is better for this. --------------080202040908010900010503 Content-Type: text/x-patch; name="nd6.c.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="nd6.c.diff" --- sys/netinet6/nd6.c.orig 2011-02-25 17:48:54.000000000 +0300 +++ sys/netinet6/nd6.c 2011-02-25 17:49:51.000000000 +0300 @@ -1928,10 +1928,6 @@ } return (error); } - if ((ifp->if_flags & IFF_LOOPBACK) != 0) { - return ((*ifp->if_output)(origifp, m, (struct sockaddr *)dst, - NULL)); - } error = (*ifp->if_output)(ifp, m, (struct sockaddr *)dst, NULL); return (error); --------------080202040908010900010503-- From owner-freebsd-ipfw@FreeBSD.ORG Mon Feb 20 11:07:08 2012 Return-Path: Delivered-To: freebsd-ipfw@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 565071065673 for ; Mon, 20 Feb 2012 11:07:08 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 44A218FC16 for ; Mon, 20 Feb 2012 11:07:08 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1KB78fp090148 for ; Mon, 20 Feb 2012 11:07:08 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1KB77sT090146 for freebsd-ipfw@FreeBSD.org; Mon, 20 Feb 2012 11:07:07 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 20 Feb 2012 11:07:07 GMT Message-Id: <201202201107.q1KB77sT090146@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-ipfw@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-ipfw@FreeBSD.org X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Feb 2012 11:07:08 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/165190 ipfw [ipfw] [lo] [patch] loopback interface is not marking o kern/164690 ipfw [ipfw] Request for ipv6 support in ipfw tables o kern/163873 ipfw [ipfw] ipfw fwd does not work with 'via interface' in o kern/158066 ipfw [ipfw] ipfw + netgraph + multicast = multicast packets o kern/157796 ipfw [ipfw] IPFW in-kernel NAT nat loopback / Default Route o kern/157689 ipfw [ipfw] ipfw nat config does not accept nonexistent int o kern/156770 ipfw [ipfw] [dummynet] [patch]: performance improvement and f kern/155927 ipfw [ipfw] ipfw stops to check packets for compliance with o bin/153252 ipfw [ipfw][patch] ipfw lockdown system in subsequent call o kern/153161 ipfw IPFIREWALL does not allow specify rules with ICMP code o kern/152113 ipfw [ipfw] page fault on 8.1-RELEASE caused by certain amo o kern/148827 ipfw [ipfw] divert broken with in-kernel ipfw o kern/148689 ipfw [ipfw] antispoof wrongly triggers on link local IPv6 a o kern/148430 ipfw [ipfw] IPFW schedule delete broken. o kern/148091 ipfw [ipfw] ipfw ipv6 handling broken. o kern/143973 ipfw [ipfw] [panic] ipfw forward option causes kernel reboo o kern/143621 ipfw [ipfw] [dummynet] [patch] dummynet and vnet use result o kern/137346 ipfw [ipfw] ipfw nat redirect_proto is broken o kern/137232 ipfw [ipfw] parser troubles o kern/135476 ipfw [ipfw] IPFW table breaks after adding a large number o f kern/129036 ipfw [ipfw] 'ipfw fwd' does not change outgoing interface n p kern/128260 ipfw [ipfw] [patch] ipfw_divert damages IPv6 packets o kern/127230 ipfw [ipfw] [patch] Feature request to add UID and/or GID l o kern/122963 ipfw [ipfw] tcpdump does not show packets redirected by 'ip s kern/121807 ipfw [request] TCP and UDP port_table in ipfw o kern/121122 ipfw [ipfw] [patch] add support to ToS IP PRECEDENCE fields o kern/116009 ipfw [ipfw] [patch] Ignore errors when loading ruleset from o bin/104921 ipfw [patch] ipfw(8) sometimes treats ipv6 input as ipv4 (a o kern/104682 ipfw [ipfw] [patch] Some minor language consistency fixes a o kern/103454 ipfw [ipfw] [patch] [request] add a facility to modify DF b o kern/103328 ipfw [ipfw] [request] sugestions about ipfw table o kern/102471 ipfw [ipfw] [patch] add tos and dscp support o kern/97951 ipfw [ipfw] [patch] ipfw does not tie interface details to o kern/95084 ipfw [ipfw] [regression] [patch] IPFW2 ignores "recv/xmit/v o kern/86957 ipfw [ipfw] [patch] ipfw mac logging o bin/83046 ipfw [ipfw] ipfw2 error: "setup" is allowed for icmp, but s o kern/82724 ipfw [ipfw] [patch] [request] Add setnexthop and defaultrou o bin/78785 ipfw [patch] ipfw(8) verbosity locks machine if /etc/rc.fir o kern/60719 ipfw [ipfw] Headerless fragments generate cryptic error mes s kern/55984 ipfw [ipfw] [patch] time based firewalling support for ipfw o kern/48172 ipfw [ipfw] [patch] ipfw does not log size and flags o kern/46159 ipfw [ipfw] [patch] [request] ipfw dynamic rules lifetime f a kern/26534 ipfw [ipfw] Add an option to ipfw to log gid/uid of who cau 43 problems total. From owner-freebsd-ipfw@FreeBSD.ORG Wed Feb 22 03:44:13 2012 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A028A1065676; Wed, 22 Feb 2012 03:44:13 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 73FB68FC13; Wed, 22 Feb 2012 03:44:13 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1M3iDOB082716; Wed, 22 Feb 2012 03:44:13 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1M3iDbX082712; Wed, 22 Feb 2012 03:44:13 GMT (envelope-from linimon) Date: Wed, 22 Feb 2012 03:44:13 GMT Message-Id: <201202220344.q1M3iDbX082712@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/165373: [ipfw] Obvious use-after-free in ipfw_nat() X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Feb 2012 03:44:13 -0000 Old Synopsis: Obvious use-after-free in ipfw_nat() New Synopsis: [ipfw] Obvious use-after-free in ipfw_nat() Responsible-Changed-From-To: freebsd-bugs->freebsd-ipfw Responsible-Changed-By: linimon Responsible-Changed-When: Wed Feb 22 03:43:51 UTC 2012 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=165373 From owner-freebsd-ipfw@FreeBSD.ORG Wed Feb 22 04:20:19 2012 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 689F11065674; Wed, 22 Feb 2012 04:20:19 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 3D50B8FC18; Wed, 22 Feb 2012 04:20:19 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1M4KJNw021416; Wed, 22 Feb 2012 04:20:19 GMT (envelope-from ae@freefall.freebsd.org) Received: (from ae@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1M4KJj6021412; Wed, 22 Feb 2012 04:20:19 GMT (envelope-from ae) Date: Wed, 22 Feb 2012 04:20:19 GMT Message-Id: <201202220420.q1M4KJj6021412@freefall.freebsd.org> To: lacombar@gmail.com, ae@FreeBSD.org, freebsd-ipfw@FreeBSD.org From: ae@FreeBSD.org Cc: Subject: Re: kern/165373: [ipfw] Obvious use-after-free in ipfw_nat() X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Feb 2012 04:20:19 -0000 Synopsis: [ipfw] Obvious use-after-free in ipfw_nat() State-Changed-From-To: open->patched State-Changed-By: ae State-Changed-When: Wed Feb 22 04:19:55 UTC 2012 State-Changed-Why: Patched in head/. Thanks! http://www.freebsd.org/cgi/query-pr.cgi?pr=165373 From owner-freebsd-ipfw@FreeBSD.ORG Wed Feb 22 04:30:16 2012 Return-Path: Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 72B9A106566B for ; Wed, 22 Feb 2012 04:30:16 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 5E19F8FC08 for ; Wed, 22 Feb 2012 04:30:16 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q1M4UGpA029871 for ; Wed, 22 Feb 2012 04:30:16 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q1M4UGZW029868; Wed, 22 Feb 2012 04:30:16 GMT (envelope-from gnats) Date: Wed, 22 Feb 2012 04:30:16 GMT Message-Id: <201202220430.q1M4UGZW029868@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: kern/165373: commit references a PR X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Feb 2012 04:30:16 -0000 The following reply was made to PR kern/165373; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: kern/165373: commit references a PR Date: Wed, 22 Feb 2012 04:19:46 +0000 (UTC) Author: ae Date: Wed Feb 22 04:19:33 2012 New Revision: 231991 URL: http://svn.freebsd.org/changeset/base/231991 Log: Don't use `m' after m_megapullup. PR: kern/165373 MFC after: 3 days Modified: head/sys/netinet/ipfw/ip_fw_nat.c Modified: head/sys/netinet/ipfw/ip_fw_nat.c ============================================================================== --- head/sys/netinet/ipfw/ip_fw_nat.c Wed Feb 22 03:36:15 2012 (r231990) +++ head/sys/netinet/ipfw/ip_fw_nat.c Wed Feb 22 04:19:33 2012 (r231991) @@ -315,7 +315,7 @@ ipfw_nat(struct ip_fw_args *args, struct } if (retval == PKT_ALIAS_RESPOND) - m->m_flags |= M_SKIP_FIREWALL; + mcl->m_flags |= M_SKIP_FIREWALL; mcl->m_pkthdr.len = mcl->m_len = ntohs(ip->ip_len); /* _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" From owner-freebsd-ipfw@FreeBSD.ORG Thu Feb 23 11:12:28 2012 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 78243106564A for ; Thu, 23 Feb 2012 11:12:28 +0000 (UTC) (envelope-from victordetoni@gmail.com) Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com [209.85.216.54]) by mx1.freebsd.org (Postfix) with ESMTP id 290088FC1D for ; Thu, 23 Feb 2012 11:12:27 +0000 (UTC) Received: by qaea17 with SMTP id a17so1428514qae.13 for ; Thu, 23 Feb 2012 03:12:27 -0800 (PST) Received-SPF: pass (google.com: domain of victordetoni@gmail.com designates 10.229.136.16 as permitted sender) client-ip=10.229.136.16; Authentication-Results: mr.google.com; spf=pass (google.com: domain of victordetoni@gmail.com designates 10.229.136.16 as permitted sender) smtp.mail=victordetoni@gmail.com; dkim=pass header.i=victordetoni@gmail.com Received: from mr.google.com ([10.229.136.16]) by 10.229.136.16 with SMTP id p16mr796720qct.24.1329995547399 (num_hops = 1); Thu, 23 Feb 2012 03:12:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=MhXOUCDhSMDAkLzp1S7GtR27hbf3L1A+Sbeww7pbz58=; b=udNOmSzDUlngCH64cAh7NUfRQFL/gYdKvejXAUWmMOQGgwGxmBHFXN/YODMvZuwtW6 d0wKyb3z0JrzivrE7pJX10gv1OETctPCdy5e407Jo44eTv+R3zLxfv/pbF03/9BAE4jE PznxXeOYKljeMQX1m+eX3OmOjDZBY/aQr6e+M= MIME-Version: 1.0 Received: by 10.229.136.16 with SMTP id p16mr607106qct.24.1329993706029; Thu, 23 Feb 2012 02:41:46 -0800 (PST) Received: by 10.229.10.142 with HTTP; Thu, 23 Feb 2012 02:41:45 -0800 (PST) Date: Thu, 23 Feb 2012 08:41:45 -0200 Message-ID: From: Victor Detoni To: freebsd-ipfw@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: IPFW ARP Support X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Feb 2012 11:12:28 -0000 Hi, I'm testing some solutions to against ARP Poisoning, Spoofing and etc., and the only solution was ebtables, but linux will be the last resource. Someone knows if ARP supports for ipfw was continued or will be? I found something wrote by Gleb Kurtsou in http://lists.freebsd.org/pipermail/freebsd-ipfw/2008-September/003604.htmlbut in his blog he mencioned that this projects was domed. Thanks! Victor From owner-freebsd-ipfw@FreeBSD.ORG Thu Feb 23 22:39:37 2012 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9B024106566B for ; Thu, 23 Feb 2012 22:39:37 +0000 (UTC) (envelope-from victordetoni@gmail.com) Received: from mail-qw0-f47.google.com (mail-qw0-f47.google.com [209.85.216.47]) by mx1.freebsd.org (Postfix) with ESMTP id 553FD8FC0C for ; Thu, 23 Feb 2012 22:39:37 +0000 (UTC) Received: by qadz30 with SMTP id z30so7922673qad.13 for ; Thu, 23 Feb 2012 14:39:36 -0800 (PST) Received-SPF: pass (google.com: domain of victordetoni@gmail.com designates 10.229.102.148 as permitted sender) client-ip=10.229.102.148; Authentication-Results: mr.google.com; spf=pass (google.com: domain of victordetoni@gmail.com designates 10.229.102.148 as permitted sender) smtp.mail=victordetoni@gmail.com; dkim=pass header.i=victordetoni@gmail.com Received: from mr.google.com ([10.229.102.148]) by 10.229.102.148 with SMTP id g20mr2337627qco.124.1330036776656 (num_hops = 1); Thu, 23 Feb 2012 14:39:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=6LXS8fCB0vQ7wzOiq7n3/eG6P17jPJTKih3bl4a5vTE=; b=qySuFPWWEFuDBsXaDV5iCb+1i29fmOXfJW44Vf1vsRNZWtTNomYhrXQCzhgdMujuRf bcXehUDz378ki6c3eTMLSdLM3UNJFw7ZzT8o9fXpZscU97sn5oKG9hTJzaZTsNvzXaKG fw31JjOWl3BDv41A3DW4mi86YuBGwuwMrVsxg= MIME-Version: 1.0 Received: by 10.229.102.148 with SMTP id g20mr2011354qco.124.1330036776576; Thu, 23 Feb 2012 14:39:36 -0800 (PST) Received: by 10.229.10.142 with HTTP; Thu, 23 Feb 2012 14:39:36 -0800 (PST) Date: Thu, 23 Feb 2012 20:39:36 -0200 Message-ID: From: Victor Detoni To: freebsd-ipfw@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: ARP support for IPFW - New Feature X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Feb 2012 22:39:37 -0000 Hi all, In the last days I've been searching some solutions for ARP support with bridge and FreeBSD, but I didn't find nothing, only patches for 7-stable but no has testers and time to work. For this project that I've been working for a long time I will have to use ebtables, because it has full support. The results in my lab comparing FreeBSD x Linux with network performance, the FreeBSD was the faster, low latency and etc. I would like to know if this new feature could be good for ipfw project? In my opinion it will be the only features that there is no in FreeBSD Networking. What do you think about? needs for testers? etc? Best Regards, Victor From owner-freebsd-ipfw@FreeBSD.ORG Fri Feb 24 04:40:21 2012 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9BB3B106564A for ; Fri, 24 Feb 2012 04:40:21 +0000 (UTC) (envelope-from maxcsmsu@gmail.com) Received: from mail-pw0-f54.google.com (mail-pw0-f54.google.com [209.85.160.54]) by mx1.freebsd.org (Postfix) with ESMTP id 712388FC08 for ; Fri, 24 Feb 2012 04:40:21 +0000 (UTC) Received: by pbcxa7 with SMTP id xa7so2396306pbc.13 for ; Thu, 23 Feb 2012 20:40:21 -0800 (PST) Received-SPF: pass (google.com: domain of maxcsmsu@gmail.com designates 10.68.129.102 as permitted sender) client-ip=10.68.129.102; Authentication-Results: mr.google.com; spf=pass (google.com: domain of maxcsmsu@gmail.com designates 10.68.129.102 as permitted sender) smtp.mail=maxcsmsu@gmail.com; dkim=pass header.i=maxcsmsu@gmail.com Received: from mr.google.com ([10.68.129.102]) by 10.68.129.102 with SMTP id nv6mr2123413pbb.97.1330058421185 (num_hops = 1); Thu, 23 Feb 2012 20:40:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=Mpd/U72EBKJuLyAYIXHo+rWtbrpEK28WS4J7k3MJMqY=; b=xx3qD5DRWGtZSP0/Pr7CG8eONJg2UW61qaoJFzpAY76gngcNTG9YyFYNnuIKaOWsrK blVRvUYVocF00t5yMBPcL1B8fMR2/OMRfn6Pmh/BqJSAwPj+Q4lt053900ZyWK7lYvJ0 g1psHQupbBlYJo3nF2miF6LN20OCiiIiq76vo= MIME-Version: 1.0 Received: by 10.68.129.102 with SMTP id nv6mr1600166pbb.97.1330056746740; Thu, 23 Feb 2012 20:12:26 -0800 (PST) Received: by 10.142.81.17 with HTTP; Thu, 23 Feb 2012 20:12:26 -0800 (PST) Date: Fri, 24 Feb 2012 11:12:26 +0700 Message-ID: From: Mac MsuOS To: freebsd-ipfw@freebsd.org X-Mailman-Approved-At: Fri, 24 Feb 2012 06:06:16 +0000 Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: ipfw help X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Feb 2012 04:40:21 -0000 pipe limit number ? From owner-freebsd-ipfw@FreeBSD.ORG Fri Feb 24 17:35:07 2012 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 74BDF106564A for ; Fri, 24 Feb 2012 17:35:07 +0000 (UTC) (envelope-from victordetoni@gmail.com) Received: from mail-qy0-f182.google.com (mail-qy0-f182.google.com [209.85.216.182]) by mx1.freebsd.org (Postfix) with ESMTP id 1FCE18FC0A for ; Fri, 24 Feb 2012 17:35:06 +0000 (UTC) Received: by qcsg15 with SMTP id g15so669546qcs.13 for ; Fri, 24 Feb 2012 09:35:06 -0800 (PST) Received-SPF: pass (google.com: domain of victordetoni@gmail.com designates 10.229.137.20 as permitted sender) client-ip=10.229.137.20; Authentication-Results: mr.google.com; spf=pass (google.com: domain of victordetoni@gmail.com designates 10.229.137.20 as permitted sender) smtp.mail=victordetoni@gmail.com; dkim=pass header.i=victordetoni@gmail.com Received: from mr.google.com ([10.229.137.20]) by 10.229.137.20 with SMTP id u20mr2611881qct.64.1330104906429 (num_hops = 1); Fri, 24 Feb 2012 09:35:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=830t+7Lvo+QdCf3Zd51/WgG7z/Y0s6t1mfLrLOIfEKE=; b=WP1u9288MXqUjMPsG9YfimraoIBAaK/W9qXVDpn4epT76qRLcO+lWKV3AwedkUBOrq 62wqdIx28SC/vOvY6RkI4Iqu6Yu4U2p1mNEMSvYvpBzFtqzmw12Yvsacwwjtbtq3P+H1 QaacA33c4kUFz7MCmxkCWxfuGaydV3wW5Odxc= MIME-Version: 1.0 Received: by 10.229.137.20 with SMTP id u20mr2151084qct.64.1330104906228; Fri, 24 Feb 2012 09:35:06 -0800 (PST) Received: by 10.229.10.142 with HTTP; Fri, 24 Feb 2012 09:35:04 -0800 (PST) In-Reply-To: References: <20120224120038.9B39E10657CB@hub.freebsd.org> Date: Fri, 24 Feb 2012 15:35:04 -0200 Message-ID: From: Victor Detoni To: =?ISO-8859-1?Q?Ermal_Lu=E7i?= , freebsd-ipfw@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: Re: freebsd-ipfw Digest, Vol 460, Issue 4 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Feb 2012 17:35:07 -0000 Yes, I agree... This support is doable for mac-type. On Fri, Feb 24, 2012 at 3:27 PM, Ermal Lu=E7i wrote: > This is doable from ipfw mac-type directive and layer2 filtering with > bridge! > > On Fri, Feb 24, 2012 at 12:00 PM, > wrote: > > Send freebsd-ipfw mailing list submissions to > > freebsd-ipfw@freebsd.org > > > > To subscribe or unsubscribe via the World Wide Web, visit > > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > > or, via email, send a message with subject or body 'help' to > > freebsd-ipfw-request@freebsd.org > > > > You can reach the person managing the list at > > freebsd-ipfw-owner@freebsd.org > > > > When replying, please edit your Subject line so it is more specific > > than "Re: Contents of freebsd-ipfw digest..." > > > > > > Today's Topics: > > > > 1. ARP support for IPFW - New Feature (Victor Detoni) > > 2. ipfw help (Mac MsuOS) > > > > > > ---------------------------------------------------------------------- > > > > Message: 1 > > Date: Thu, 23 Feb 2012 20:39:36 -0200 > > From: Victor Detoni > > Subject: ARP support for IPFW - New Feature > > To: freebsd-ipfw@freebsd.org > > Message-ID: > > zPov7NVcTpwoEUWFH9CRoctjBC87N1tA@mail.gmail.com> > > Content-Type: text/plain; charset=3DISO-8859-1 > > > > Hi all, > > > > In the last days I've been searching some solutions for ARP support wit= h > > bridge and FreeBSD, but I didn't find nothing, only patches for 7-stabl= e > > but no has testers and time to work. > > > > For this project that I've been working for a long time I will have to > use > > ebtables, because it has full support. > > > > The results in my lab comparing FreeBSD x Linux with network performanc= e, > > the FreeBSD was the faster, low latency and etc. > > > > I would like to know if this new feature could be good for ipfw project= ? > In > > my opinion it will be the only features that there is no in FreeBSD > > Networking. What do you think about? needs for testers? etc? > > > > > > Best Regards, > > Victor > > > > > > ------------------------------ > > > > Message: 2 > > Date: Fri, 24 Feb 2012 11:12:26 +0700 > > From: Mac MsuOS > > Subject: ipfw help > > To: freebsd-ipfw@freebsd.org > > Message-ID: > > < > CADxg1dHn79KLUQukLue0Tx959NZKian0ZOBRyq6uQoaJi-c4eQ@mail.gmail.com> > > Content-Type: text/plain; charset=3DISO-8859-1 > > > > pipe limit number ? > > > > > > ------------------------------ > > > > _______________________________________________ > > freebsd-ipfw@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" > > > > End of freebsd-ipfw Digest, Vol 460, Issue 4 > > ******************************************** > > > > -- > Ermal >