From owner-freebsd-pf@freebsd.org  Sun Nov 18 10:48:38 2018
Return-Path: <owner-freebsd-pf@freebsd.org>
Delivered-To: freebsd-pf@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 222A01134D85
 for <freebsd-pf@mailman.ysv.freebsd.org>; Sun, 18 Nov 2018 10:48:38 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id AB97476C5C
 for <freebsd-pf@freebsd.org>; Sun, 18 Nov 2018 10:48:37 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: by mailman.ysv.freebsd.org (Postfix)
 id 66C831134D82; Sun, 18 Nov 2018 10:48:37 +0000 (UTC)
Delivered-To: pf@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 52EF61134D81
 for <pf@mailman.ysv.freebsd.org>; Sun, 18 Nov 2018 10:48:37 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
 (Client CN "mxrelay.ysv.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id DE3C276C59
 for <pf@FreeBSD.org>; Sun, 18 Nov 2018 10:48:36 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id F22C21FC18
 for <pf@FreeBSD.org>; Sun, 18 Nov 2018 10:48:35 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id wAIAmZ9R095640
 for <pf@FreeBSD.org>; Sun, 18 Nov 2018 10:48:35 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
Received: (from bugzilla@localhost)
 by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id wAIAmZJP095639
 for pf@FreeBSD.org; Sun, 18 Nov 2018 10:48:35 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to
 bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: pf@FreeBSD.org
Subject: [Bug 197484] fix pf 3whs ACK handling
Date: Sun, 18 Nov 2018 10:48:35 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 10.1-STABLE
X-Bugzilla-Keywords: patch
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: commit-hook@freebsd.org
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: pf@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-197484-16861-UfEPJWYJ73@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-197484-16861@https.bugs.freebsd.org/bugzilla/>
References: <bug-197484-16861@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-Rspamd-Queue-Id: AB97476C5C
X-Spamd-Result: default: False [-0.48 / 15.00];
 local_wl_from(0.00)[freebsd.org];
 NEURAL_HAM_SHORT(-0.48)[-0.483,0];
 ASN(0.00)[asn:10310, ipnet:2001:1900:2254::/48, country:US]
X-Rspamd-Server: mx1.freebsd.org
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Nov 2018 10:48:38 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D197484

--- Comment #3 from commit-hook@freebsd.org ---
A commit references this bug:

Author: kp
Date: Sun Nov 18 10:47:37 UTC 2018
New revision: 340558
URL: https://svnweb.freebsd.org/changeset/base/340558

Log:
  MFC r339470:

  pf synproxy will do the 3WHS on behalf of the target machine, and once
  the 3WHS is completed, establish the backend connection. The trigger
  for "3WHS completed" is the reception of the first ACK. However, we
  should not proceed if that ACK also has RST or FIN set.

  PR:           197484
  Obtained from:        OpenBSD

Changes:
_U  stable/12/
  stable/12/sys/netpfil/pf/pf.c

--=20
You are receiving this mail because:
You are the assignee for the bug.=