FreeBSD Mail Archives

Date:      Thu, 12 Dec 2024 13:11:42 +0100
From:      Ronald Klop <ronald@FreeBSD.org>
To:        "Andrey V. Elsukov" <bu7cher@yandex.ru>
Cc:        freebsd-current@freebsd.org
Subject:   Re: (ipfw) Re: HELP! fetch: stuck forever OR error: RPC failed: curl 56 recv failure: Operation timed out
Message-ID:  <33cbcbbd-bf36-4059-a012-842c7ff80568@FreeBSD.org>
In-Reply-To: <dc452c86-4a39-4a75-9d56-ee69f16987ee@yandex.ru>
References:  <20241206034709.4dd32cc5@thor.intern.walstatt.dynvpn.de> <279848701.11738.1733510402875@localhost> <20241206210947.3ae835e4@thor.intern.walstatt.dynvpn.de> <f8952585-4b68-4cfd-a60f-1ebbd7f2545f@FreeBSD.org> <8E43EAA1-BA3E-4655-ACE1-2E4523E901DE@FreeBSD.org> <20241209214314.2443b590d774423a2b97f0a8@dec.sakura.ne.jp> <20241209174541.39c286f5@thor.intern.walstatt.dynvpn.de> <20241210022710.88c9087dd7cb09774507f232@dec.sakura.ne.jp> <20241209191947.39ac4843@thor.intern.walstatt.dynvpn.de> <6B720B82-09EF-4208-B814-B6BD75FC2F0E@FreeBSD.org> <f37a769d-99ea-4bd8-ba93-e7a7425c940b@FreeBSD.org> <dc452c86-4a39-4a75-9d56-ee69f16987ee@yandex.ru>

This is a multi-part message in MIME format.
--------------Rq1g26V7jo6qrFVI1I9FqJGt
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: base64

SGkgQW5kcmV5LA0KDQpXaXRoIHlvdXIgcGF0Y2ggYXBwbGllZCBJIGRvbid0IGhhdmUgdGhl
IHN5bXB0b21zIG9mICdoYW5naW5nJyB0Y3AgY29ubmVjdGlvbnMgYW55bW9yZS4NClRoYW5r
cyBmb3IgbG9va2luZyBpbnRvIGl0Lg0KDQpSZWdhcmRzLA0KUm9uYWxkLg0KDQoqVmFuOiog
IkFuZHJleSBWLiBFbHN1a292IiA8YnU3Y2hlckB5YW5kZXgucnU+DQoqRGF0dW06KiBkb25k
ZXJkYWcsIDEyIGRlY2VtYmVyIDIwMjQgMDk6NTMNCipBYW46KiBmcmVlYnNkLWN1cnJlbnRA
ZnJlZWJzZC5vcmcNCipPbmRlcndlcnA6KiBSZTogKGlwZncpIFJlOiBIRUxQISBmZXRjaDog
c3R1Y2sgZm9yZXZlciBPUiBlcnJvcjogUlBDIGZhaWxlZDogY3VybCA1NiByZWN2IGZhaWx1
cmU6IE9wZXJhdGlvbiB0aW1lZCBvdXQNCg0KICAgIE9uIDExLjEyLjIwMjQgMTY6MjUsIFJv
bmFsZCBLbG9wIHdyb3RlOg0KICAgICA+IEkgZGlkIGEgYmlzZWN0IG9mIGNvbW1pdHMgYW5k
IG15IGZpbmRpbmcgaXMgdGhhdCBjb21taXQgMzQ3ZGQwNTMgb24gPiAyMDI0LTExLTI5IGlz
IHRoZSBjYXVzZS4NCiAgICAgPg0KICAgICA+ICJ0Y3A6IGFkZCBUSF9BRSBjYXBhYmlsaXRp
ZXMgdG8gcHBwIGFuZCBwZiINCiAgICAgPiBodHRwczovL2dpdGh1Yi5jb20vZnJlZWJzZC9m
cmVlYnNkLXNyYy9jb21taXQvMzQ3ZGQwNTM5ZjNhNzVmZGYyMTI4ZGQ0NjIwY2E5OWU5NmYz
MTFlOQ0KICAgICA+DQogICAgID4gVGhlIGNvbW1pdCBiZWZvcmUgKDBmYzdiZGM5NzgpIHdv
cmtzIGZpbmUuDQogICAgID4NCiAgICAgPiBJIGNjJ2VkIHRoZSBhdXRob3Igb2YgdGhlIGNv
bW1pdC4NCiAgICAgPiAoZm9yIGNvbnRleHQ6IHN0YXJ0IG9mIHRoZSB0aHJlYWQgaXMgaGVy
ZTogPiBodHRwczovL2xpc3RzLmZyZWVic2Qub3JnL2FyY2hpdmVzL2ZyZWVic2QtY3VycmVu
dC8yMDI0LURlY2VtYmVyLzAwNjc3OC5odG1sLCBpdCBsb29rcyBsaWtlIHRoZSBjb21taXQg
YnJlYWtzIGEgc3RhdGVmdWxsIGlwZncgZmlyZXdhbGwpDQoNCiAgICBIaSwNCg0KICAgIHRo
YW5rcyBmb3IgYmlzZWN0aW5nLiBJIHRoaW5rIHRoaXMgcGF0Y2ggc2hvdWxkIGZpeCBwcm9i
bGVtIHdpdGggc3RhdGVmdWxsIGlwZnc6DQoNCiAgICAtLS0gYS9zeXMvbmV0cGZpbC9pcGZ3
L2lwX2Z3X2R5bmFtaWMuYw0KICAgICsrKyBiL3N5cy9uZXRwZmlsL2lwZncvaXBfZndfZHlu
YW1pYy5jDQogICAgQEAgLTkyNyw3ICs5MjcsNyBAQCBwcmludF9keW5fcnVsZV9mbGFncyhj
b25zdCBzdHJ1Y3QgaXBmd19mbG93X2lkICppZCwgaW50IGR5bl90eXBlLA0KICAgICDCoMKg
I2RlZmluZSDCoMKgwqDCoMKgwqDCoF9TRVFfR0UoYSxiKSDCoMKgwqAoKGludCkoKGEpLShi
KSkgPj0gMCkNCiAgICAgwqDCoCNkZWZpbmUgwqDCoMKgwqDCoMKgwqBCT1RIX1NZTiDCoMKg
wqDCoMKgwqDCoChUSF9TWU4gfCAoVEhfU1lOIDw8IDgpKQ0KICAgICDCoMKgI2RlZmluZSDC
oMKgwqDCoMKgwqDCoEJPVEhfRklOIMKgwqDCoMKgwqDCoMKgKFRIX0ZJTiB8IChUSF9GSU4g
PDwgOCkpDQogICAgLSNkZWZpbmUgwqDCoMKgwqDCoMKgwqBUQ1BfRkxBR1MgwqDCoMKgwqDC
oMKgKFRIX0ZMQUdTIHwgKFRIX0ZMQUdTIDw8IDgpKQ0KICAgICsjZGVmaW5lIMKgwqDCoMKg
wqDCoMKgVENQX0ZMQUdTIMKgwqDCoMKgwqDCoCgoVEhfRkxBR1MgJiAweGZmKSB8ICgoVEhf
RkxBR1MgJiAweGZmKSA8PCA4KSkNCiAgICAgwqDCoCNkZWZpbmUgwqDCoMKgwqDCoMKgwqBB
Q0tfRldEIMKgwqDCoMKgwqDCoMKgwqAweDAwMDEwMDAwIMKgwqDCoMKgwqAvKiBmd2QgYWNr
IHNlZW4gKi8NCiAgICAgwqDCoCNkZWZpbmUgwqDCoMKgwqDCoMKgwqBBQ0tfUkVWIMKgwqDC
oMKgwqDCoMKgwqAweDAwMDIwMDAwIMKgwqDCoMKgwqAvKiByZXYgYWNrIHNlZW4gKi8NCiAg
ICAgwqDCoCNkZWZpbmUgwqDCoMKgwqDCoMKgwqBBQ0tfQk9USCDCoMKgwqDCoMKgwqDCoChB
Q0tfRldEIHwgQUNLX1JFVikNCg0KICAgIC0tIA0KICAgIFdCUiwgQW5kcmV5IFYuIEVsc3Vr
b3YNCg0KICAgIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KDQoNCg==
--------------Rq1g26V7jo6qrFVI1I9FqJGt
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit

<!DOCTYPE html>
<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body>
    Hi Andrey,<br>
    <br>
    With your patch applied I don't have the symptoms of 'hanging' tcp
    connections anymore.<br>
    Thanks for looking into it.<br>
    <br>
    Regards,<br>
    Ronald.<br>
    <br>
     
    <p><strong>Van:</strong> "Andrey V. Elsukov"
      <a class="moz-txt-link-rfc2396E" href="mailto:bu7cher@yandex.ru">&lt;bu7cher@yandex.ru&gt;</a><br>
      <strong>Datum:</strong> donderdag, 12 december 2024 09:53<br>
      <strong>Aan:</strong> <a class="moz-txt-link-abbreviated" href="mailto:freebsd-current@freebsd.org">freebsd-current@freebsd.org</a><br>
      <strong>Onderwerp:</strong> Re: (ipfw) Re: HELP! fetch: stuck
      forever OR error: RPC failed: curl 56 recv failure: Operation
      timed out</p>
    <blockquote
style="padding-right: 0px; padding-left: 5px; margin-left: 5px; border-left: #000000 2px solid; margin-right: 0px">
      <div class="MessageRFC822Viewer" id="P">
        <div class="TextPlainViewer" id="P.P">On 11.12.2024 16:25,
          Ronald Klop wrote:<br>
          &gt; I did a bisect of commits and my finding is that commit
          347dd053 on &gt; 2024-11-29 is the cause.<br>
          &gt;<br>
          &gt; "tcp: add TH_AE capabilities to ppp and pf"<br>
          &gt; <a
href="https://github.com/freebsd/freebsd-src/commit/347dd0539f3a75fdf2128dd4620ca99e96f311e9"
            class="moz-txt-link-freetext">https://github.com/freebsd/freebsd-src/commit/347dd0539f3a75fdf2128dd4620ca99e96f311e9</a><br>;
          &gt;<br>
          &gt; The commit before (0fc7bdc978) works fine.<br>
          &gt;<br>
          &gt; I cc'ed the author of the commit.<br>
          &gt; (for context: start of the thread is here: &gt; <a
href="https://lists.freebsd.org/archives/freebsd-current/2024-December/006778.html"
            class="moz-txt-link-freetext">https://lists.freebsd.org/archives/freebsd-current/2024-December/006778.html</a>,
          it looks like the commit breaks a statefull ipfw firewall)<br>
          <br>
          Hi,<br>
          <br>
          thanks for bisecting. I think this patch should fix problem
          with statefull ipfw:<br>
          <br>
          --- a/sys/netpfil/ipfw/ip_fw_dynamic.c<br>
          +++ b/sys/netpfil/ipfw/ip_fw_dynamic.c<br>
          @@ -927,7 +927,7 @@ print_dyn_rule_flags(const struct
          ipfw_flow_id *id, int dyn_type,<br>
            #define        _SEQ_GE(a,b)    ((int)((a)-(b)) &gt;= 0)<br>
            #define        BOTH_SYN        (TH_SYN | (TH_SYN &lt;&lt;
          8))<br>
            #define        BOTH_FIN        (TH_FIN | (TH_FIN &lt;&lt;
          8))<br>
          -#define        TCP_FLAGS       (TH_FLAGS | (TH_FLAGS &lt;&lt;
          8))<br>
          +#define        TCP_FLAGS       ((TH_FLAGS &amp; 0xff) |
          ((TH_FLAGS &amp; 0xff) &lt;&lt; 8))<br>
            #define        ACK_FWD         0x00010000      /* fwd ack
          seen */<br>
            #define        ACK_REV         0x00020000      /* rev ack
          seen */<br>
            #define        ACK_BOTH        (ACK_FWD | ACK_REV)<br>
          <br>
          -- <br>
          WBR, Andrey V. Elsukov<br>
          <br>
           </div>
        <hr></div>
    </blockquote>
    <br>
     
  </body>
</html>

--------------Rq1g26V7jo6qrFVI1I9FqJGt--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?33cbcbbd-bf36-4059-a012-842c7ff80568>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation