From owner-freebsd-pf@freebsd.org Sun Apr 29 21:01:19 2018 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 45FAEFB8718 for ; Sun, 29 Apr 2018 21:01:19 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id CF9F7707D9 for ; Sun, 29 Apr 2018 21:01:18 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: by mailman.ysv.freebsd.org (Postfix) id 90114FB870F; Sun, 29 Apr 2018 21:01:18 +0000 (UTC) Delivered-To: pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7C4F2FB870E for ; Sun, 29 Apr 2018 21:01:18 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 17B68707BF for ; Sun, 29 Apr 2018 21:01:18 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 561A11F249 for ; Sun, 29 Apr 2018 21:01:17 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w3TL1H0h051633 for ; Sun, 29 Apr 2018 21:01:17 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w3TL1Hgx051632 for pf@FreeBSD.org; Sun, 29 Apr 2018 21:01:17 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <201804292101.w3TL1Hgx051632@kenobi.freebsd.org> X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@FreeBSD.org using -f From: bugzilla-noreply@FreeBSD.org To: pf@FreeBSD.org Subject: Problem reports for pf@FreeBSD.org that need special attention Date: Sun, 29 Apr 2018 21:01:17 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Apr 2018 21:01:19 -0000 To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- Open | 203735 | Transparent interception of ipv6 with squid and p 1 problems total for which you should take action. From owner-freebsd-pf@freebsd.org Mon Apr 30 20:07:41 2018 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B4B25FB5755 for ; Mon, 30 Apr 2018 20:07:41 +0000 (UTC) (envelope-from jason@singular.net) Received: from mail-ot0-x234.google.com (mail-ot0-x234.google.com [IPv6:2607:f8b0:4003:c0f::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DB6478CCC for ; Mon, 30 Apr 2018 20:07:41 +0000 (UTC) (envelope-from jason@singular.net) Received: by mail-ot0-x234.google.com with SMTP id g7-v6so10861230otj.11 for ; Mon, 30 Apr 2018 13:07:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=singular-net.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=4H5W/l1EqpWIOUBlHDzIsEEvDPjrTkFPGKR/q49XEIk=; b=yOafdEnpP21ZS0W3EdEdOjT4qA2qhrbj7AX25HVB7CSt/hsRtLwxu2Jih+hGIhH3Zn lQUavbFyUNwJlvF2Z1wDC8+BAi8elwYe8Bs3DPD5qbd+T2NzcWuIlMKXNTQeEbkMlb82 X+bfh2z1U4JD1UTB8pG8dKVekXcOq5Ny3gtldILBZi29xO6gmv7/yvOCqBHTEEGfWAMe QCQXHbAOyClxBc9zS9YsUcpPltPowBB+C0v/mh8aStO8G5PhWQt31lOoTI5IW/hkeae4 1Hk3zVV6V19MSf29M2T/hB5XIgF7RIge/mztNcNDn/MEjP0N/Lprdr9SmOLKWOPEkK0P ga7g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=4H5W/l1EqpWIOUBlHDzIsEEvDPjrTkFPGKR/q49XEIk=; b=noMHrt+8Xwe04FpuR1OIZ20uIkWESvDOd93md9StS5NiLp4/RwB2H8pyuHhA9TGnEo 901VPW6cMDvIe6T09jZmYNVKkDEeXhacoPPp9uT74m6irpEM2VtjcAa3PzW9l9RHWWb1 uHBAP+vgDu0bUzJXhOKicHK+I/jUJ00emHJOt2Q2AjPuomVeiPOB0MiY6HTyfqKdeg5f J1k0SlQOcSx6loIrohe1ANMIV+A9i9OP7toAL2FwvaQImATdQhrjB1EZIG9CE6FQENZc ECJsCPSeg/FWgnlhCtU1a+5+854e996/REP7k+woMOxv7/XYFHUczCEt4Fi4n+rCcvQz J2fw== X-Gm-Message-State: ALQs6tCxdog9T3cJjcnRWSLuRwmY8Xw9UCebMcVQS3SxCz3sNjrwAZU5 IiyyzI9IZSVHNtNRQw9hSKwsWYW2W26OwvL76xtkpOj/b0g= X-Google-Smtp-Source: AB8JxZoSsn4nMs2gBjeeqm9vjE0xUodh7FomnZ4EFBvxdQ0uphRjPcgPdP2/odT9MfKKQK8M0oaNUDUTCkH+dG3/NP4= X-Received: by 2002:a9d:2456:: with SMTP id p80-v6mr8736110ota.231.1525118860372; Mon, 30 Apr 2018 13:07:40 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a9d:1dd2:0:0:0:0:0 with HTTP; Mon, 30 Apr 2018 13:07:39 -0700 (PDT) From: Jason Matthews Date: Mon, 30 Apr 2018 13:07:39 -0700 Message-ID: Subject: high cpu utilization due to interrupts To: freebsd-pf@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.25 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Apr 2018 20:07:42 -0000 I have a pair systems running relayd in DSR mode. The load balancer works well, to a point, but suffers from high interrupts and cpu utilization on eight cores. The monitoring systems show increased latency until it falls over dead at round 330k requests/sec where the CARP seems to stop responding and the partner jumps in only to wash-rinse-repeat the cycle. top -aSCHIP shows 85-90% CPU utilization due to interrupts when running near peak. What can be done to lower the interrupt load? Or spread it across more CPUs? Is the design such that one core is dedicated to a queue on the card? Or can the load be spread across more CPUs? The systems are Intel S5520UR boards with a X540-AT2 card on X5650 CPUs. Any suggestions are appreciated. thanks, j. ---------------- = Internet = ---------------- | ix0 --------------- = relayd = ---------------- | ix1 | -------------------- - web servers - --------------------- From owner-freebsd-pf@freebsd.org Wed May 2 20:15:44 2018 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BDF17FB339B for ; Wed, 2 May 2018 20:15:44 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 5373A7661E for ; Wed, 2 May 2018 20:15:44 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 0F267FB3399; Wed, 2 May 2018 20:15:44 +0000 (UTC) Delivered-To: pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F0AB2FB3398 for ; Wed, 2 May 2018 20:15:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 89B8476614 for ; Wed, 2 May 2018 20:15:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id C17BC24B64 for ; Wed, 2 May 2018 20:15:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w42KFgU6094795 for ; Wed, 2 May 2018 20:15:42 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w42KFgjE094794 for pf@FreeBSD.org; Wed, 2 May 2018 20:15:42 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 214613] Reloading pf rules breaks connections on lo0 Date: Wed, 02 May 2018 20:15:42 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: 10.3-STABLE X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 May 2018 20:15:44 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D214613 --- Comment #2 from commit-hook@freebsd.org --- A commit references this bug: Author: kp Date: Wed May 2 20:15:02 UTC 2018 New revision: 333181 URL: https://svnweb.freebsd.org/changeset/base/333181 Log: MFC r333084: pfctl: Don't break connections on skipped interfaces on reload On reload we used to first flush everything, including the list of skipped interfaces. This can lead to termination of these connections if they se= nd packets before the new configuration is applied. Note that this doesn't currently happen on 12 or 11, because of special EACCES handling introduced in r315514. This special behaviour in tcp_output() may change, hence the fix in pfctl. PR: 214613 Submitted by: Andreas Longwitz Changes: _U stable/11/ stable/11/sbin/pfctl/pfctl.c --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-pf@freebsd.org Wed May 2 22:36:43 2018 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 072BBFB6435 for ; Wed, 2 May 2018 22:36:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 91C3579D82 for ; Wed, 2 May 2018 22:36:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 4CB05FB6434; Wed, 2 May 2018 22:36:42 +0000 (UTC) Delivered-To: pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 38994FB6433 for ; Wed, 2 May 2018 22:36:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C597B79D81 for ; Wed, 2 May 2018 22:36:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id EC4FF25EE6 for ; Wed, 2 May 2018 22:36:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w42MaeL8031421 for ; Wed, 2 May 2018 22:36:40 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w42Mae9P031420 for pf@FreeBSD.org; Wed, 2 May 2018 22:36:40 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 214613] Reloading pf rules breaks connections on lo0 Date: Wed, 02 May 2018 22:36:40 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: 10.3-STABLE X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 May 2018 22:36:43 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D214613 --- Comment #3 from commit-hook@freebsd.org --- A commit references this bug: Author: kp Date: Wed May 2 22:36:11 UTC 2018 New revision: 333187 URL: https://svnweb.freebsd.org/changeset/base/333187 Log: MFC r333084: pfctl: Don't break connections on skipped interfaces on reload On reload we used to first flush everything, including the list of skipped interfaces. This can lead to termination of these connections if they se= nd packets before the new configuration is applied. Note that this doesn't currently happen on 12 or 11, because of special EACCES handling introduced in r315514. This special behaviour in tcp_output() may change, hence the fix in pfctl. PR: 214613 Submitted by: Andreas Longwitz Changes: _U stable/10/ stable/10/sbin/pfctl/pfctl.c --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-pf@freebsd.org Thu May 3 17:05:44 2018 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 419FDFB2290 for ; Thu, 3 May 2018 17:05:44 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 52A16732D7 for ; Thu, 3 May 2018 17:05:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 12C87FB2289; Thu, 3 May 2018 17:05:43 +0000 (UTC) Delivered-To: pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 014CAFB2288 for ; Thu, 3 May 2018 17:05:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B9F57732C1 for ; Thu, 3 May 2018 17:05:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id E010F2F8C5 for ; Thu, 3 May 2018 17:05:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w43H5efH066856 for ; Thu, 3 May 2018 17:05:40 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w43H5e7r066854 for pf@FreeBSD.org; Thu, 3 May 2018 17:05:40 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 214613] Reloading pf rules breaks connections on lo0 Date: Thu, 03 May 2018 17:05:40 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: 10.3-STABLE X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: kp@freebsd.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: resolution cc bug_status Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 May 2018 17:05:44 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D214613 Kristof Provost changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED CC| |kp@freebsd.org Status|New |Closed --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-pf@freebsd.org Thu May 3 17:09:48 2018 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3964AFB25C1 for ; Thu, 3 May 2018 17:09:48 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id C3F4374736 for ; Thu, 3 May 2018 17:09:47 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 848E7FB25BD; Thu, 3 May 2018 17:09:47 +0000 (UTC) Delivered-To: pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 73434FB25BC for ; Thu, 3 May 2018 17:09:47 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0E95F74734 for ; Thu, 3 May 2018 17:09:47 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 486A22F8CD for ; Thu, 3 May 2018 17:09:46 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w43H9kP9072100 for ; Thu, 3 May 2018 17:09:46 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w43H9kS5072099 for pf@FreeBSD.org; Thu, 3 May 2018 17:09:46 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 226411] PF does not properly keep state with GRE in IPSec Date: Thu, 03 May 2018 17:09:44 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: obrienmd@gmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 May 2018 17:09:48 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D226411 obrienmd@gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |obrienmd@gmail.com --- Comment #7 from obrienmd@gmail.com --- @(In reply to Ermal Lu=C3=A7i from comment #5) Very curious to see a pointer to those bits - I poked around the Darwin XNU sources, but I'm way out of my depth :) --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-pf@freebsd.org Thu May 3 23:15:40 2018 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 08B7BFBF789 for ; Thu, 3 May 2018 23:15:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 946517ED58 for ; Thu, 3 May 2018 23:15:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 53753FBF788; Thu, 3 May 2018 23:15:39 +0000 (UTC) Delivered-To: pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4115EFBF787 for ; Thu, 3 May 2018 23:15:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D3D7E7ED57 for ; Thu, 3 May 2018 23:15:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 0A81F2CED for ; Thu, 3 May 2018 23:15:38 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w43NFbuH069645 for ; Thu, 3 May 2018 23:15:37 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w43NFbtW069644 for pf@FreeBSD.org; Thu, 3 May 2018 23:15:37 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 226411] PF does not properly keep state with GRE in IPSec Date: Thu, 03 May 2018 23:15:36 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: eri@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 May 2018 23:15:40 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D226411 --- Comment #8 from Ermal Lu=C3=A7i --- (In reply to obrienmd from comment #7) You can start here: https://github.com/apple/darwin-xnu/blob/master/bsd/net/pf.c#L317 Its very easy to bring it to FreeBSD, it is only about available time. --=20 You are receiving this mail because: You are the assignee for the bug.=