From owner-freebsd-pf@FreeBSD.ORG Mon Apr 23 03:07:04 2012 Return-Path: Delivered-To: freebsd-pf@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1FA1D1065673; Mon, 23 Apr 2012 03:07:04 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 0A89B8FC1A; Mon, 23 Apr 2012 03:07:04 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q3N373TG065771; Mon, 23 Apr 2012 03:07:03 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q3N373NQ065767; Mon, 23 Apr 2012 03:07:03 GMT (envelope-from linimon) Date: Mon, 23 Apr 2012 03:07:03 GMT Message-Id: <201204230307.q3N373NQ065767@freefall.freebsd.org> To: fbsd8@a1poweruser.com, linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-pf@FreeBSD.org From: linimon@FreeBSD.org Cc: Subject: Re: kern/167057: [pf] PF firewall version 4.5 in FreeBSD 9.0 & 8.2 nolonger supported by upstream X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Apr 2012 03:07:04 -0000 Old Synopsis: PF firewall version 4.5 in FreeBSD 9.0 & 8.2 nolonger supported New Synopsis: [pf] PF firewall version 4.5 in FreeBSD 9.0 & 8.2 nolonger supported by upstream State-Changed-From-To: open->suspended State-Changed-By: linimon State-Changed-When: Mon Apr 23 03:03:28 UTC 2012 State-Changed-Why: The problem is that the upstream changes seriously break backwards compatibility. My understanding is that for now we are staying with the existing version so as not to create a problem for our users, via POLA. I don't know if this decision will be revisited for 10.0. In any case, 8.3 is already released, so the first part of this PR is moot. Responsible-Changed-From-To: freebsd-bugs->freebsd-pf Responsible-Changed-By: linimon Responsible-Changed-When: Mon Apr 23 03:03:28 UTC 2012 Responsible-Changed-Why: http://www.freebsd.org/cgi/query-pr.cgi?pr=167057 From owner-freebsd-pf@FreeBSD.ORG Mon Apr 23 11:07:22 2012 Return-Path: Delivered-To: freebsd-pf@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5C2D51065670 for ; Mon, 23 Apr 2012 11:07:22 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 467DC8FC21 for ; Mon, 23 Apr 2012 11:07:22 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q3NB7Md9047663 for ; Mon, 23 Apr 2012 11:07:22 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q3NB7LtI047661 for freebsd-pf@FreeBSD.org; Mon, 23 Apr 2012 11:07:21 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 23 Apr 2012 11:07:21 GMT Message-Id: <201204231107.q3NB7LtI047661@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-pf@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-pf@FreeBSD.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Apr 2012 11:07:22 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- s kern/167057 pf [pf] PF firewall version 4.5 in FreeBSD 9.0 & 8.2 nolo o kern/166336 pf [pf] kern.securelevel 3 +pf reload o kern/165315 pf [pf] States never cleared in PF with DEVICE_POLLING o kern/164402 pf [pf] pf crashes with a particular set of rules when fi o kern/164271 pf [pf] not working pf nat on FreeBSD 9.0 [regression] o kern/163208 pf [pf] PF state key linking mismatch o kern/160370 pf [pf] Incorrect pfctl check of pf.conf o kern/155736 pf [pf] [altq] borrow from parent queue does not work wit o kern/153307 pf [pf] Bug with PF firewall o kern/148290 pf [pf] "sticky-address" option of Packet Filter (PF) blo o kern/148260 pf [pf] [patch] pf rdr incompatible with dummynet o kern/147789 pf [pf] Firewall PF no longer drops connections by sendin o kern/143543 pf [pf] [panic] PF route-to causes kernel panic o bin/143504 pf [patch] outgoing states are not killed by authpf(8) o conf/142961 pf [pf] No way to adjust pidfile in pflogd o conf/142817 pf [patch] etc/rc.d/pf: silence pfctl o kern/141905 pf [pf] [panic] pf kernel panic on 7.2-RELEASE with empty o kern/140697 pf [pf] pf behaviour changes - must be documented o kern/137982 pf [pf] when pf can hit state limits, random IP failures o kern/136781 pf [pf] Packets appear to drop with pf scrub and if_bridg o kern/135948 pf [pf] [gre] pf not natting gre protocol o kern/135162 pf [pfsync] pfsync(4) not usable with GENERIC kernel o kern/134996 pf [pf] Anchor tables not included when pfctl(8) is run w o kern/133732 pf [pf] max-src-conn issue o kern/132769 pf [pf] [lor] 2 LOR's with pf task mtx / ifnet and rtent f kern/132176 pf [pf] pf stalls connection when using route-to [regress o conf/130381 pf [rc.d] [pf] [ip6] ipv6 not fully configured when pf st o kern/129861 pf [pf] [patch] Argument names reversed in pf_table.c:_co o kern/127920 pf [pf] ipv6 and synproxy don't play well together o conf/127814 pf [pf] The flush in pf_reload in /etc/rc.d/pf does not w o kern/127439 pf [pf] deadlock in pf o kern/127121 pf [pf] [patch] pf incorrect log priority o kern/127042 pf [pf] [patch] pf recursion panic if interface group is o kern/125467 pf [pf] pf keep state bug while handling sessions between s kern/124933 pf [pf] [ip6] pf does not support (drops) IPv6 fragmented o kern/124364 pf [pf] [panic] Kernel panic with pf + bridge o kern/122773 pf [pf] pf doesn't log uid or pid when configured to o kern/122014 pf [pf] [panic] FreeBSD 6.2 panic in pf o kern/120281 pf [pf] [request] lost returning packets to PF for a rdr o kern/120057 pf [pf] [patch] Allow proper settings of ALTQ_HFSC. The c o bin/118355 pf [pf] [patch] pfctl(8) help message options order false o kern/114567 pf [pf] [lor] pf_ioctl.c + if.c s conf/110838 pf [pf] tagged parameter on nat not working on FreeBSD 5. o kern/103283 pf pfsync fails to sucessfully transfer some sessions o kern/103281 pf pfsync reports bulk update failures o kern/93825 pf [pf] pf reply-to doesn't work o sparc/93530 pf [pf] Incorrect checksums when using pf's route-to on s o kern/92949 pf [pf] PF + ALTQ problems with latency o bin/86635 pf [patch] pfctl(8): allow new page character (^L) in pf. o kern/82271 pf [pf] cbq scheduler cause bad latency 50 problems total. From owner-freebsd-pf@FreeBSD.ORG Thu Apr 26 09:30:35 2012 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7E7FA106564A for ; Thu, 26 Apr 2012 09:30:35 +0000 (UTC) (envelope-from Email@Cover-My-Life.co.za) Received: from node-sl250.smtp.com (node-sl250.smtp.com [173.192.174.225]) by mx1.freebsd.org (Postfix) with ESMTP id 4352F8FC0A for ; Thu, 26 Apr 2012 09:30:34 +0000 (UTC) X-MSFBL: ZnJlZWJzZC1wZkBmcmVlYnNkLm9yZ0AxNzNfMTkyXzE3NF8yMjVAc2FjZnNfZGVk aWNhdGVkX3Bvb2xA DKIM-Signature: v=1; a=rsa-sha256; d=smtp.com; s=smtpcomcustomers; c=relaxed/simple; q=dns/txt; i=@smtp.com; t=1335431428; h=From:Subject:To:Date:MIME-Version:Content-Type; bh=9kSff3iJ7uS7M91+Tqtjju+szFKI53xRd/WNwrDw18A=; b=c6PzqiuKFa6tjf1VQNN3mpyDu1tsn5F0aykQRBnDmWpmUxg/vg/+04AEoGm1rcVe 3jH0Mo26iD+mtnHkDvvoq923BRG8GlZmBByfgcH0fT+93P1FJCaGrG6RMLlfMGOJ G/DqbXikwPRsBI4WvsTlG/Mx6VrUfhEQ4lDr2ZAs+kA=; Received: from [109.73.163.143] ([109.73.163.143:60999] helo=Sender) by sl-se-mta01 (envelope-from ) (ecelerity 3.3.2.44647 r(44647)) with ESMTPA id 4D/93-31829-301199F4; Thu, 26 Apr 2012 09:10:28 +0000 Received: from cloned-VPS ([109.73.163.143]) by Sender ; Thu, 26 Apr 2012 11:11:37 +0200 Message-ID: <25F85D91-3293-4EAD-BB47-A22EF1607745@Sender> MIME-Version: 1.0 From: "Cover-My-Life.co.za" To: freebsd-pf@freebsd.org Date: 26 Apr 2012 11:11:37 +0200 X-SMTPCOM-Tracking-Number: 34f5a570-e086-48e6-9465-a1eeee27c374 X-SMTPCOM-Sender-ID: 436308 X-SMTPCOM-Spam-Policy: SMTP.com is a paid relay service. We do not tolerate UCE of any kind. Please report it ASAP to abuse@smtp.com Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: FREEBSD PF, Get R3M in Life Cover for under R10 per day (No Medicals) - Cover-My-Life.co.za X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Apr 2012 09:30:35 -0000 SGkgRlJFRUJTRCBQRiwNCg0KTGV0J3MgZmFjZSBmYWN0cyAtIE9uZSBkYXkgeW91 IChhbmQgSSkgd2lsbCBkaWUuICBNYXliZSB3ZSB3aWxsIHNlZSBpdCBjb21pbmcu ICBNYXliZSB3ZSB3b24ndC4NCg0KQlVULCBoYXZlIHlvdSBjb25zaWRlcmVkIHdo YXQgd2lsbCBoYXBwZW4gdG8geW91ciBmYW1pbHkgaWYgeW91IHdlcmUgdG8gcGFz cyBhd2F5Pw0KDQotRG8geW91IGhhdmUgYSB3aWxsIGFuZCBpcyBpdCB1cC10by1k YXRlPw0KLURvIHlvdSBoYXZlIGxvYW5zIChsaWtlIGEgaG9tZSBsb2FuKSBvciBj cmVkaXQgdGhhdCB3b3VsZCBuZWVkIHRvIGJlIHBhaWQgb2ZmPw0KLVdpbGwgeW91 ciBsb3ZlZCBvbmVzIGJlIGFibGUgdG8gbGl2ZSBjb21mb3J0YWJseSB3aXRob3V0 IHlvdXIgaW5jb21lPw0KLURvIGhhdmUgZW5vdWdoIGNhc2ggc2l0dGluZyBpbiB0 aGUgYmFuayB0byBjb3ZlciBhbiB1bmZvcmVzZWVuIGZ1bmVyYWw/DQoNCk5vIG9u ZSBsaWtlcyB0byB0aGluayBhYm91dCB0aGlzIHN0dWZmIGJ1dCBmcmFua2x5IHdl IG11c3QuICBBbmQgaWYgeW91IGhhdmUgcmVhZCB0aGlzIGZhciwgeW91IGFyZSBw cm9iYWJseSBqdXN0IGFzIGNvbmNlcm5lZCBhYm91dCB0aGVzZSBpc3N1ZXMgYXMg eW91IHNob3VsZCBiZS4NCg0KV2VsbCBub3QgdG8gd29ycnksIGhlcmUgaXMgdGhl IGdvb2QgbmV3czogQ292ZXItTXktTGlmZS5jby56YSBpcyBoZXJlIHRvIGhlbHAh ICBOb3Qgb25seSBoYXZlIHdlIG1hZGUgdGhlIHByb2Nlc3Mgb2YgZ2V0dGluZyB0 aGUgcmlnaHQgTGlmZSBDb3ZlciBmb3IgeW91IGFzIHNpbXBsZSBhcyBhIGZldyBj bGlja3MgYnV0IHdlIGhhdmUgYWxzbyBzb3VyY2VkIHNvbWUgb2YgdGhlIGJlc3Qg ZGVhbHMgaW4gdGhlIG1hcmtldC4NCg0KQXMgYW4gZXhhbXBsZSBhIDM1IHllYXIg b2xkIFNvdXRoIEFmcmljYW4gZmVtYWxlIGNhbiBnZXQgUjMgTWlsbGlvbiBMaWZl IENvdmVyIGZvciB1bmRlciBSMTAgcGVyIGRheSENCg0KU28gd2h5IG5vdCB0cnkg dXMgb3V0IGFuZCBnZXQgYSBxdW90ZSBmb3Igb25lIG9mIHRoZSBmb2xsb3dpbmcg cHJvZHVjdHMgd2UgaGF2ZSBhdmFpbGFibGU6DQoNCkxpZmUgSW5zdXJhbmNlIC0g R2V0IHVwdG8gUjZNIGNvdmVyIChubyBtZWRpY2FsKTsgUXVvdGUgaW4gbWludXRl czsgU2F2ZSB1cHRvIDUwJQ0KRGlzYWJpbGl0eSBJbnN1cmFuY2UgLSBDb3ZlciBm b3IgaWYgeW91IGJlY29tZSBkaXNhYmxlZCAoZWcgRnJvbSBhbiBhY2NpZGVudCkN ClNhbGFyeSBQcm90ZWN0aW9uIC0gQ292ZXIgZm9yIGlmIHlvdSBhcmUgdW5hYmxl IHRvIGVhcm4gYW4gaW5jb21lIChlZyBSZXRyZW5jaG1lbnQsIEluanVyeSBldGMp DQpDcml0aWNhbCBJbGxuZXNzIENvdmVyIC0gQ292ZXIgZm9yIGlmIHlvdSBiZWNv bWUgY3JpdGljYWxseSBpbGwgKGVnIENhbmNlcikNCkNvdmVyIGZvciBISVYgLSBM aWZlIENvdmVyIGZvciB0aG9zZSBzdWZmZXJpbmcgZnJvbSBISVYNCkZSRUUgRmlu YW5jaWFsIFBsYW4gLSBMZXQgdXMgcHJvdmlkZSB5b3Ugd2l0aCBhIEZpbmFuY2lh bCBQbGFuIGFic29sdXRlbHkgRlJFRQ0KDQpUaGlzIHRha2VzIGFsbCB0aGUgaGFz c2xlIGFuZCBoYXJkIHdvcmsgb3V0IG9mIGZpbmRpbmcgdGhlIGJlc3QgaW5zdXJh bmNlIGZvciB5b3UgYW5kIHdoYXTigJlzIG1vcmUsIHlvdSBjYW4gZG8gaXQgZnJv bSB0aGUgcHJpdmFjeSBvZiB5b3VyIG93biBob21lIC8gb2ZmaWNlIC8gd2hlcmV2 ZXIgeW91IGFyZSByZWFkaW5nIHRoaXMuDQoNCkdpdmUgdXMgYSB0cnksIGdvIHRv IHd3dy5Db3Zlci1NeS1MaWZlLmNvLnphLCBvciBhcHBseSBub3cNCg0KVGhhbmtz DQoNClRoZSBDb3Zlci1NeS1MaWZlLmNvLnphIHRlYW0NCg0KIA0KDQoNCg0KT3Vy IFNlcnZpY2VzIGluY2x1ZGU6DQoxKSBPbmxpbmUgYXV0b21hdGVkIHF1b3RlIG1h bmFnZW1lbnQgcHJvY2Vzcw0KMikgU3RlcCBieSBzdGVwIGd1aWRhbmNlIGFuZCBh ZHZpY2UgZnJvbSBwcm9mZXNzaW9uYWxseSB0cmFpbmVkIHN0YWZmDQozKSBCZXN0 IHF1b3RlIHByb3ZpZGVkIHVzdWFsbHkgd2l0aGluIHRoZSBzYW1lIGRheSBiYXNl ZCBvbiB5b3VyIHBlcnNvbmFsIGNpcmN1bXN0YW5jZQ0KNCkgVG90YWxseSBzZWN1 cmUgYXBwbGljYXRpb24gcHJvY2VzcyB1c2luZyBTU0wgRW5jcnlwdGlvbg0KDQoN CkVtYWlsIHNlbnQgYnkgU0EgQ29uc3VtZXIgRm91bmRhdGlvbiANClNBIENvbnN1 bWVyIEZvdW5kYXRpb24gfCAxMjAgMXN0IEF2ZW51ZSB8IEh5ZGUgUGFyaywgSkhC LCBHYXV0ZW5nIDIxOTYNCjIwMTIgU0EgQ29uc3VtZXIgRm91bmRhdGlvbiBBbGwg UmlnaHRzIFJlc2VydmVkLg0KDQpJZiB5b3UgZGlkIG5vdCB3aXNoIHRvIHJlY2Vp dmUgdGhpcywgcGxlYXNlIHVuc3Vic2NyaWJlIGZyb20gZnVydGhlciBlbWFpbHMg IGF0IGh0dHA6Ly93d3cuZm9ybXN0YWNrLmNvbS9mb3Jtcy9zYS1lbWFpbHVuc3Vi c2NyaWJlP2VtYWlsPWZyZWVic2QtcGZAZnJlZWJzZC5vcmcNCg0KSWYgeW91IGNv bnNpZGVyIHRoaXMgZW1haWwgdW5zb2xpY2l0ZWQgYnVsayBtYWlsLCBwbGVhc2Ug cmVwb3J0IFNQQU0gYXQgaHR0cDovL3d3dy5mb3Jtc3RhY2suY29tL2Zvcm1zL3Nh LXJlcG9ydHNwYW0/ZW1haWw9ZnJlZWJzZC1wZkBmcmVlYnNkLm9yZyZlbWFpbF9m cm9tPUVtYWlsQENvdmVyLU15LUxpZmUuY28uemE= From owner-freebsd-pf@FreeBSD.ORG Thu Apr 26 13:05:05 2012 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2A78D1065672 for ; Thu, 26 Apr 2012 13:05:05 +0000 (UTC) (envelope-from john@ellissey.co.za) Received: from dedi113.jnb1.host-h.net (dedi113b.your-server.co.za [196.22.142.13]) by mx1.freebsd.org (Postfix) with ESMTP id C6A2C8FC15 for ; Thu, 26 Apr 2012 13:05:02 +0000 (UTC) Received: from 8ta-151-72-121.telkomadsl.co.za ([41.151.72.121] helo=JohnLaptop) by dedi113.jnb1.host-h.net with esmtpa (Exim 4.72) (envelope-from ) id 1SNNxq-0002J5-H5 for freebsd-pf@freebsd.org; Thu, 26 Apr 2012 14:38:28 +0200 From: "John Viljoen" To: Date: Thu, 26 Apr 2012 14:38:26 +0200 Message-ID: <000001cd23a9$7da01220$78e03660$@ellissey.co.za> MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_NextPart_000_0001_01CD23BA.412B5320" X-Mailer: Microsoft Outlook 14.0 Thread-Index: Ac0jqVcv2i9dYhNYQESeS5Ibr10sXw== Content-Language: en-za X-Authenticated-Sender: john@ellissey.co.za X-Virus-Scanned: Clear (ClamAV 0.97.3/14847/Thu Apr 26 04:33:01 2012) X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Drive A New Car from R499 P/M X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Apr 2012 13:05:05 -0000 This is a multipart message in MIME format. ------=_NextPart_000_0001_01CD23BA.412B5320 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Hi Im interested in this deal, whats the catch? Kind Regards John Viljoen Technical Manager Ellissey Technologies (CC) Description: Description: Description: cid:image007.jpg@01CBBD60.37541B00 +27 (0)83 669 1693 Description: Description: Description: cid:image008.jpg@01CBBD60.37541B00 +27 (0)86 661 6079 Description: Description: Description: Description: cid:image004.gif@01C90438.14754840 www.ellissey.com Description: Description: Description: Description: Odyssey This email and any accompanying attachments may contain confidential, proprietary and copyright information. This information is private and protected by law and, accordingly, if you are not the intended recipient, you are requested to delete this entire communication immediately and are notified that any disclosure, copying or distribution of or taking any action based on this information is prohibited. The entity which owns the domain from which this email originates, and its subsidiaries do not accept liability for the views expressed in the email (which may be the private views of the sender), or for the consequences of any computer viruses that may be transmitted with this email. Emails cannot be guaranteed to be secure or free of errors or viruses. The sender does not accept any liability or responsibility for any interception, corruption, destruction, loss, late arrival or incompleteness of or tampering or interference with any of the information contained in this email or for its incorrect delivery or non- delivery for whatsoever reason or for its effect on any electronic device of the recipient. If verification of this email or any attachment is required, please request a hard-copy version from the sender. ------=_NextPart_000_0001_01CD23BA.412B5320--