From nobody Thu Jul 20 19:38:23 2023 X-Original-To: freebsd-pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4R6NK93qZqz4njR9 for ; Thu, 20 Jul 2023 19:38:37 +0000 (UTC) (envelope-from ddobrev85@gmail.com) Received: from mail-yw1-x1133.google.com (mail-yw1-x1133.google.com [IPv6:2607:f8b0:4864:20::1133]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4R6NK80DwLz4JrK for ; Thu, 20 Jul 2023 19:38:36 +0000 (UTC) (envelope-from ddobrev85@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20221208 header.b=OS5TrmOO; spf=pass (mx1.freebsd.org: domain of ddobrev85@gmail.com designates 2607:f8b0:4864:20::1133 as permitted sender) smtp.mailfrom=ddobrev85@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-yw1-x1133.google.com with SMTP id 00721157ae682-5838c63968cso1594397b3.0 for ; Thu, 20 Jul 2023 12:38:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1689881914; x=1690486714; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=jgapXfLtBkqt3dKZEDJ48gmBWeWmus/BpYCFK/iiB7o=; b=OS5TrmOOlyebSe7loIcqdG4a6V2Evs/ac8uf7ZfDmHgjxJMRfUbEtbbxWLLnHTzbSF uzNNed1wjJDk3KeFwVa4fqDVasb65xrAberk6LVLW/yrscSZ1LkjySnx+Bw77Ok2BPbg rHUjlBcmnVYqFgXj/CN1a339iW9mAG2IX1x2a95nHULcGnEWlbVbg1cRscqBVotb9eNJ r7GSd9mp+GAFrRrWgvWm9XDB02LHTkvAJ3iucL3vB1GzMHTNihSy30IuYM83yngOqkA1 0qbpxY1j+KeuCkbRgTXLgrM+hFg6hkQQFY+1Hk64RklKiADDwKypd42DFKLMvDRtnERg cZjA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689881914; x=1690486714; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=jgapXfLtBkqt3dKZEDJ48gmBWeWmus/BpYCFK/iiB7o=; b=AoDCnIKG5Je9whh0zdd00wyWAqREwGlHE1eQy8j7b8Aj/SYjTEMsKPL2p7bCVcQsVF hxiy+iB3CdE2TtRdy1h/u1bVbYGyXF2wCQFBomqbdXPF7d6tvURtcCHd45DQtprs29ZI 9BFLvZoJDpQFtU5fR2PEtmw5tXa4qkfANWREuWLlBLPgZuaCfga13GzRjehABu68h2xl /Dg0eYAmovQu6BDDaGA/wwtUd/eGpjK9cX/mmokxfXTl3kH50V1veYGZy4DjQ5lk+6p6 5ToayWAc0wU6+9s4bIQLUYqMxOzofxduuOBsWniO0YD5DRtPq1JjRH6otct5spRZw9Gs RFDQ== X-Gm-Message-State: ABy/qLaJ3qsHuLmi3j3A/lTcM04s5b92RrrXV3xfiZs46GDhRKjtzkiz gGsBL14k2lwV5rRahu95mu80kCmY2GeQOD5mdJsXI9JSRrE= X-Google-Smtp-Source: APBJJlGdn6r5Nv5F74z3LZDBu4absc7JIEQ1rJX6y2p9h1WCgYbNtSBk4SMzZaiswo7N/xb6cFY7L6zDmvgCKATAA+k= X-Received: by 2002:a0d:e212:0:b0:56d:9e2:7d9e with SMTP id l18-20020a0de212000000b0056d09e27d9emr49041ywe.21.1689881914508; Thu, 20 Jul 2023 12:38:34 -0700 (PDT) List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 From: Dobri Dobrev Date: Thu, 20 Jul 2023 22:38:23 +0300 Message-ID: Subject: Overloading to different tables To: freebsd-pf@freebsd.org Content-Type: multipart/alternative; boundary="0000000000003a0a530600f04b34" X-Spamd-Result: default: False [-3.91 / 15.00]; NEURAL_HAM_SHORT(-1.00)[-0.998]; NEURAL_HAM_LONG(-0.99)[-0.993]; NEURAL_HAM_MEDIUM(-0.92)[-0.923]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20221208]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; BLOCKLISTDE_FAIL(0.00)[2607:f8b0:4864:20::1133:server fail]; PREVIOUSLY_DELIVERED(0.00)[freebsd-pf@freebsd.org]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::1133:from]; RCPT_COUNT_ONE(0.00)[1]; FREEMAIL_FROM(0.00)[gmail.com]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; MLMMJ_DEST(0.00)[freebsd-pf@freebsd.org]; DKIM_TRACE(0.00)[gmail.com:+]; MID_RHS_MATCH_FROMTLD(0.00)[]; TO_DN_NONE(0.00)[]; ARC_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FREEMAIL_ENVFROM(0.00)[gmail.com]; RCVD_COUNT_TWO(0.00)[2] X-Rspamd-Queue-Id: 4R6NK80DwLz4JrK X-Spamd-Bar: --- --0000000000003a0a530600f04b34 Content-Type: text/plain; charset="UTF-8" Hey guys... Trying to overload to 2 different tables based on conditions, however, pf always matches the bottom rule, nomatter what I try. pass in on ix0 proto tcp from any to XXX.XXX.XX.XX port 2222 tag CONNRATE label "connrate" flags S/SA keep state (source-track rule, max-src-conn-rate 4/1 overload flush global, src.track 1) pass in on ix0 proto tcp from any to XXX.XXX.XX.XX port 2222 tag MAXCONN label "maxconn" flags S/SA keep state (source-track rule, max-src-conn 10, overload flush global, src.track 1) The idea is to be able to separate IPs that do more than allowed connections in table 1, and IPs that do more than allowed conn-rate in table 2. Problem is - only the 2nd rule is matching.. LABEL COUNTERS: connrate 40113 0 0 0 0 0 0 0 <- first rule maxconn 5042 24972 9794870 12239 1789101 12733 8005769 1123 I've tried doing a "match" rule instead of pass, in that case the difference is - the last 3 values are empty (more notably the last one since it creates the state) LABEL COUNTERS: connrate 6205 1688 98156 1688 98156 0 0 0 maxconn 6205 1688 98156 1688 98156 0 0 0 Tried doing match + pass with overload of tagged "X", that also resulted in the last rule being the one that creates state (and does overload to table) Any ideas on how to do what I'm trying? The idea is: 1. to allow a max of 100 connections and if the IP does more than that - to be placed in the "limit_maxconn" table. 2. to set a connection-rate limit and any IP that overreaches it - to be placed in the "limit_connrate" table. Is there a way to achieve this? Regards, D --0000000000003a0a530600f04b34 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hey guys...

Trying to overload to 2 different tabl= es based on conditions, however, pf always matches the bottom rule, nomatte= r what I try.

pass in on ix0 proto tcp from any to XXX.XXX.XX.XX por= t 2222 tag CONNRATE label "connrate" flags S/SA keep state (sourc= e-track rule, max-src-conn-rate 4/1 overload <limit_connrate> flush g= lobal, src.track 1)
pass in on ix0 proto tcp from any to XXX.XXX.XX.XX p= ort 2222 tag MAXCONN label "maxconn" flags S/SA keep state (sourc= e-track rule, max-src-conn 10, overload <limit_maxconn> flush global,= src.track 1)

The idea is to be able to separate IPs that do more th= an allowed connections in table 1, and IPs that do more than allowed conn-r= ate in table 2.
Problem is - only the 2nd rule is matching..
LABEL CO= UNTERS:
connrate 40113 0 0 0 0 0 0 0 <- first rule
maxconn 5042 24= 972 9794870 12239 1789101 12733 8005769 1123

I've tried doing a = "match" rule instead of pass, in that case the difference is - th= e last 3 values are empty (more notably the last one since it creates the s= tate)
LABEL COUNTERS:
connrate 6205 1688 98156 1688 98156 0 0 0
ma= xconn 6205 1688 98156 1688 98156 0 0 0

Tried doing match + pass with= overload of tagged "X", that also resulted in the last rule bein= g the one that creates state (and does overload to table)

Any ideas = on how to do what I'm trying?
The idea is:
1. to allow a max of 1= 00 connections and if the IP does more than that - to be placed in the &quo= t;limit_maxconn" table.
2. to set a connection-rate limit and any I= P that overreaches it - to be placed in the "limit_connrate" tabl= e.

Is there a way to achieve this?

Regards,
D
--0000000000003a0a530600f04b34-- From nobody Fri Jul 28 07:22:10 2023 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RBzbk6g1lz4pGHR for ; Fri, 28 Jul 2023 07:22:10 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RBzbk5591z41Np for ; Fri, 28 Jul 2023 07:22:10 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1690528930; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=yWCLAlpskYlCqRHP6pRLrA4sGAN+pMuLIkTT9ogmges=; b=f8ajS/S+3y0daTBXd33DiBkq212Kz/ziOywTa0jzU0t0Qz3ti4GOWbndxdWqnE4HHiCFFX NJIhENPhpQG+GZ9NMtydiDX84yamCEkboL6L5/5yYzijTRIyYIpfpMUHW0QXouAFjJKw+t p/Cr5GFnoFu+Hrv8dnRXpLdT54B/LsJ9d1SbEzRuRx78Ayxd4ymudyiWGF5+pDG8n0rlCu Qu35s9pS2pW45AAnAMUFGbcJiKfNURCKu5AM6P+vL5gIk5TmZ6Vk0mGg80LtipdOJL4h2r lF2fEYCwMOUfZd3fZyb5q0EKX+WM31+Y2maXS8fPlUChNxBETqmCFKyu5Q+CUA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1690528930; a=rsa-sha256; cv=none; b=vXBh4+MiyqrkNRzgLQgUAXcWsxyRUUXdBd6bq5cv3Urx5nsa7BqCe0I3CI5UpLcBv7XAV9 5WnJeAYKO3cnSPpG9Dpc2wcolaZdSIgtWQ/tFkTzrLt3th1UWZVV3ylZS0/quipO/CgF0w ndAESp/wS6A1MAt7SptPX/TTNvHBTdX2AVcgB5RhkCgN/hByoVuIps86W3QzFYXqpmDLl7 gNeEhGkq5XwzUdE+Ej1az3+R4PJM95JpR6DvBq8RQPACMuCRVoUcMY/YpFjVjI/vHTm9Fy UhE8NpAm2QXpZqqR3+tU91pEjNZdos2GLKBjzff1SuaP8npk8QjN3KxTAEHGGA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RBzbk4BwszhkG for ; Fri, 28 Jul 2023 07:22:10 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 36S7MAU9015261 for ; Fri, 28 Jul 2023 07:22:10 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 36S7MAfS015260 for pf@FreeBSD.org; Fri, 28 Jul 2023 07:22:10 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 272770] "divert-to" rule creates packet loops on all FreeBSD 11.0 to 14.0 CURRENT versions Date: Fri, 28 Jul 2023 07:22:10 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: burak.sn@outlook.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272770 Alfa changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |burak.sn@outlook.com, | |pf@FreeBSD.org --=20 You are receiving this mail because: You are on the CC list for the bug.= From nobody Sat Jul 29 04:51:01 2023 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RCXBs5930z4plTk for ; Sat, 29 Jul 2023 04:51:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RCXBs2PD2z3Q4R for ; Sat, 29 Jul 2023 04:51:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1690606261; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=9tdbPEUiKVQExjQbVJwqflP7rkWdAZnR88iPh3tm4bw=; b=oZa4Iraz5yh6FYrmza4nTgBw2tjONDUyVbDzwKEoDYsyhzUpCSXY8ZFfMVyKYE4G0xrJbM nE2RGeHvIcbFfH3KKUUJ52Wf2aXecegWx64bMrl3OHdC7RxjxNf8LuM7ecqwSVMuWGR2CW +rEUPpQtvPqywttjhj+T0TSDvuCVQWNDxpcCijmkfkU4tQYqJhkdm9S/gdrlwURuccwJ5W ZPEpjTbjUKxoSX9KK23nfjDneg4449oO5mE2/aUGb4G58m8wch8CyfBZTjcsIErtkuoTfV ZOzc2tsN+FKKQFKPrSoDvih4lnzKZKO7081bgUw6JxfsfqsftS5tTfTFrSzDiA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1690606261; a=rsa-sha256; cv=none; b=GumqodlB492nnEP9iZT3nZzZtMGo1kX+rEO8wPP2iFtyYsth1qXLAYPNjoz7yL6ucG64fX 3q4eUX+WRlsCNLkWVG0WOmEo2KIdaAa8FDNWs49k7XCH3BMHJrKhCThbzm9mgMifs9zmmM PcojMBfqF4KaEiTfHmp9fQZFRzAH44YrL/RT9HLF2H2uNmt4z6phn/4xttN6EwxbwQgc6d FP32ieEjJ4YlXz8mrkjGPttMshcj/wgBRMTndo/9E5farBuQkhot7nrmtfaoi00DhvTGCl ng44MXAf/LxCWfD/htFZwboEzI+9yLJgODyzjgbc8+k+d45zcdGufZg06C+uvw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RCXBs1Wh4zKfp for ; Sat, 29 Jul 2023 04:51:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 36T4p1DQ094545 for ; Sat, 29 Jul 2023 04:51:01 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 36T4p19s094544 for pf@FreeBSD.org; Sat, 29 Jul 2023 04:51:01 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 272770] "divert-to" rule creates packet loops on all FreeBSD 11.0 to 14.0 CURRENT versions Date: Sat, 29 Jul 2023 04:51:01 +0000 X-Bugzilla-Reason: AssignedTo CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: pf@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to see_also cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272770 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@FreeBSD.org |pf@FreeBSD.org See Also| |https://bugs.freebsd.org/bu | |gzilla/show_bug.cgi?id=3D2= 608 | |67 CC|pf@FreeBSD.org | --=20 You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.= From nobody Sat Jul 29 04:51:01 2023 X-Original-To: pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RCXBt5plCz4plZP for ; Sat, 29 Jul 2023 04:51:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RCXBt3BMBz3Q4f for ; Sat, 29 Jul 2023 04:51:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1690606262; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=K7Yt5HVGIGyjYTqWgmcvUItUazwUFMPm9KUeIve9qVU=; b=fuWvinSxrwa+eSWPLsPaJSuygKvcha9mWR0BXr7vFXPi4kFt9dJSs/nRcttsWv/BcOoh1A EJ8B3xyx+SXC4qvp4Pf2paSIttRM6AsjHpdOQq9npo26fjknFGnp0xEoY4z1iMZ4omXxjV FjxZFUo3syp7ITva6jOUdYjxOiam81qVWtFBJpae6RpkaYVmpy9QG+hMXLMJ+0M0jFn4gk U4BTZIkq9Rr3foqj6MU1DHhXCLVqq1breuYzQLClTYj8xqnSi6Esg66omKVeeNsXmY6g2S E0FOyRKA+fdlLEikSqRXUUvssBLx/JMwxWhYe6T+pjT/Ivdph19d3aCKp5nb5w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1690606262; a=rsa-sha256; cv=none; b=OLW4Gp/diQVZxGGjwh2j2NJQtvcRbexz8RSsKiQjF1LVDu/4h3du3w0HhyDd5PWb9ikJjR d44SWpheECWghbdBFmFmqAgO6uflcOgOQLUm9k1AHUWPOmWc84e0xWGklv2JYJ2ZtExHQm laTPvRL8kg/nmyXisfch0QxaSkyIR5T35sUYrUKvwD8eck9GBf+jGNxgKpFrq1R8w3+V40 iRShj6N9RziolANPFuG6K5NrKiUiegT6zJghtH5/O9RhFB0ZovuOxINGLL9UVSvN5tmxpJ mqk1bGJLDs7H/iDVOpBe10Sv2JZ/S6z4mEyp7P031lbpU53NFCKzJindi46NDA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RCXBt1zSczK5j for ; Sat, 29 Jul 2023 04:51:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 36T4p2OQ094589 for ; Sat, 29 Jul 2023 04:51:02 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 36T4p2Lv094588 for pf@FreeBSD.org; Sat, 29 Jul 2023 04:51:02 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 260867] [pf][patch] divert-to packets infinitely loop when written back to divert socket Date: Sat, 29 Jul 2023 04:51:01 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: linimon@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: see_also Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D260867 Mark Linimon changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.freebsd.org/bu | |gzilla/show_bug.cgi?id=3D2= 727 | |70 --=20 You are receiving this mail because: You are on the CC list for the bug.=