FreeBSD Mail Archives

Date:      Sat, 27 Sep 2025 13:12:01 -0600
From:      Warner Losh <imp@bsdimp.com>
To:        Michael Tuexen <tuexen@freebsd.org>
Cc:        Justin Hibbits <chmeee@has.gonegalt.net>, Zhenlei Huang <zlei@freebsd.org>,  src-committers <src-committers@freebsd.org>,  "<dev-commits-src-all@freebsd.org>" <dev-commits-src-all@freebsd.org>, dev-commits-src-branches@freebsd.org
Subject:   Re: git: b4c6c3db0379 - stable/14 - ipfw: Teach ipfw that EtherIP is an upper layer protocol
Message-ID:  <CANCZdfqvqVDR7uHtUnT1%2B6TrH7VPo9%2BsT9GjxLQQ-GXLMU2qpA@mail.gmail.com>
In-Reply-To: <7CCC215D-E9EF-49CD-95A1-F2D5215AD268@FreeBSD.org>
References:  <202509271513.58RFDst3083057@gitrepo.freebsd.org> <44DAB9B2-B037-49B0-9153-90B4CFBB6234@FreeBSD.org> <20250927143548.661e75f7@ralga.knownspace> <7CCC215D-E9EF-49CD-95A1-F2D5215AD268@FreeBSD.org>

--00000000000005aaa4063fcd2e65
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Sat, Sep 27, 2025, 12:44=E2=80=AFPM Michael Tuexen <tuexen@freebsd.org> =
wrote:

> > On 27. Sep 2025, at 20:35, Justin Hibbits <chmeee@has.gonegalt.net>
> wrote:
> >
> > On Sat, 27 Sep 2025 20:32:20 +0200
> > Michael Tuexen <tuexen@FreeBSD.org> wrote:
> >
> >>> On 27. Sep 2025, at 17:13, Zhenlei Huang <zlei@FreeBSD.org> wrote:
> >>>
> >>> The branch stable/14 has been updated by zlei:
> >>>
> >>> URL:
> >>>
> https://cgit.FreeBSD.org/src/commit/?id=3Db4c6c3db0379a5b3d34143325805cd7=
e68cf3d9a
> >>>
> >>> commit b4c6c3db0379a5b3d34143325805cd7e68cf3d9a
> >>> Author:     Zhenlei Huang <zlei@FreeBSD.org>
> >>> AuthorDate: 2025-09-16 15:58:24 +0000
> >>> Commit:     Zhenlei Huang <zlei@FreeBSD.org>
> >>> CommitDate: 2025-09-27 15:11:35 +0000
> >>>
> >>>   ipfw: Teach ipfw that EtherIP is an upper layer protocol
> >>>
> >>>   so that we do not discard EtherIP packets ( over IPv6 network )
> >>> when net.inet6.ip6.fw.deny_unknown_exthdrs is set to 1 ( which is
> >>> the default value ).
> >>>
> >>>   PR:             227450
> >>>   Reviewed by:    ae, #network
> >>>   MFC after:      1 week
> >>>   Differential Revision:  https://reviews.freebsd.org/D52566
> >>>
> >>>   (cherry picked from commit
> >>> 0418e6690e91aa6c38dd9af9da43c4c5a9dc1cd2) (cherry picked from
> >>> commit b1c96e54b906d0cdea0b5a9c74cc295803dfe50e)
> >> Why is this cherry picked from two commits? Shouldn't this be only
> >> cherry picked from the commit to the main branch?
> >>
> >> Best regards
> >> Michael
> >
> > It's common to cherry-pick from stable to older-stable.  This was
> > likely cherry-picked from stable/15, which was cherry-picked from main.
> That is why I am asking.
>
> My understanding is that we should
> * MFC from main to stable/15
> * MFC from main to stable/14
> * MFC from stable/14 to releng/14.4
>
> So I might be wrong and and I should actually do instead
> * MFC from main to stable/15
> * MFC from stable/15 to stable/14
> * MFC from stable/14 to releng/14.4
>
> I know that releng/14.4 does not exist, but there is a time window
> we can get changes into relen/14.4 with approval from re@.
>
> I would just like to know how I should MFC to stable/14...
>

Either way works. Without conflicts I do main to both. With conflicts I do
main to 15 and then 15 to 14. For releng, it's always from the stable
branch.

Warner

Best regards
> Michael
> >
> > - Justin
> >
> >>> ---
> >>> sys/netpfil/ipfw/ip_fw2.c | 7 +++++++
> >>> 1 file changed, 7 insertions(+)
> >>>
> >>> diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_fw2.c
> >>> index 0e0ecd3c6b20..928ccefe4803 100644
> >>> --- a/sys/netpfil/ipfw/ip_fw2.c
> >>> +++ b/sys/netpfil/ipfw/ip_fw2.c
> >>> @@ -67,6 +67,7 @@
> >>> #include <net/route/nhop.h>
> >>> #include <net/pfil.h>
> >>> #include <net/vnet.h>
> >>> +#include <net/if_gif.h>
> >>> #include <net/if_pfsync.h>
> >>>
> >>> #include <netpfil/pf/pf_mtag.h>
> >>> @@ -1717,6 +1718,12 @@ do { \
> >>> PULLUP_TO(hlen, ulp, struct ip);
> >>> break;
> >>>
> >>> + case IPPROTO_ETHERIP: /* RFC 3378 */
> >>> + PULLUP_LEN(hlen, ulp,
> >>> +    sizeof(struct etherip_header) +
> >>> +    sizeof(struct ether_header));
> >>> + break;
> >>> +
> >>> case IPPROTO_PFSYNC:
> >>> PULLUP_TO(hlen, ulp, struct pfsync_header);
> >>> break;
> >>
> >
>
>

--00000000000005aaa4063fcd2e65
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"auto"><div><br><br><div class=3D"gmail_quote gmail_quote_contai=
ner"><div dir=3D"ltr" class=3D"gmail_attr">On Sat, Sep 27, 2025, 12:44=E2=
=80=AFPM Michael Tuexen &lt;<a href=3D"mailto:tuexen@freebsd.org">tuexen@fr=
eebsd.org</a>&gt; wrote:<br></div><blockquote class=3D"gmail_quote" style=
=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">&gt; On =
27. Sep 2025, at 20:35, Justin Hibbits &lt;<a href=3D"mailto:chmeee@has.gon=
egalt.net" target=3D"_blank" rel=3D"noreferrer">chmeee@has.gonegalt.net</a>=
&gt; wrote:<br>
&gt; <br>
&gt; On Sat, 27 Sep 2025 20:32:20 +0200<br>
&gt; Michael Tuexen &lt;tuexen@FreeBSD.org&gt; wrote:<br>
&gt; <br>
&gt;&gt;&gt; On 27. Sep 2025, at 17:13, Zhenlei Huang &lt;zlei@FreeBSD.org&=
gt; wrote:<br>
&gt;&gt;&gt; <br>
&gt;&gt;&gt; The branch stable/14 has been updated by zlei:<br>
&gt;&gt;&gt; <br>
&gt;&gt;&gt; URL:<br>
&gt;&gt;&gt; <a href=3D"https://cgit.FreeBSD.org/src/commit/?id=3Db4c6c3db0=
379a5b3d34143325805cd7e68cf3d9a" rel=3D"noreferrer noreferrer" target=3D"_b=
lank">https://cgit.FreeBSD.org/src/commit/?id=3Db4c6c3db0379a5b3d3414332580=
5cd7e68cf3d9a</a><br>
&gt;&gt;&gt; <br>
&gt;&gt;&gt; commit b4c6c3db0379a5b3d34143325805cd7e68cf3d9a<br>
&gt;&gt;&gt; Author:=C2=A0 =C2=A0 =C2=A0Zhenlei Huang &lt;zlei@FreeBSD.org&=
gt;<br>
&gt;&gt;&gt; AuthorDate: 2025-09-16 15:58:24 +0000<br>
&gt;&gt;&gt; Commit:=C2=A0 =C2=A0 =C2=A0Zhenlei Huang &lt;zlei@FreeBSD.org&=
gt;<br>
&gt;&gt;&gt; CommitDate: 2025-09-27 15:11:35 +0000<br>
&gt;&gt;&gt; <br>
&gt;&gt;&gt;=C2=A0 =C2=A0ipfw: Teach ipfw that EtherIP is an upper layer pr=
otocol<br>
&gt;&gt;&gt; <br>
&gt;&gt;&gt;=C2=A0 =C2=A0so that we do not discard EtherIP packets ( over I=
Pv6 network )<br>
&gt;&gt;&gt; when net.inet6.ip6.fw.deny_unknown_exthdrs is set to 1 ( which=
 is<br>
&gt;&gt;&gt; the default value ).<br>
&gt;&gt;&gt; <br>
&gt;&gt;&gt;=C2=A0 =C2=A0PR:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0227450<br>
&gt;&gt;&gt;=C2=A0 =C2=A0Reviewed by:=C2=A0 =C2=A0 ae, #network<br>
&gt;&gt;&gt;=C2=A0 =C2=A0MFC after:=C2=A0 =C2=A0 =C2=A0 1 week<br>
&gt;&gt;&gt;=C2=A0 =C2=A0Differential Revision:=C2=A0 <a href=3D"https://re=
views.freebsd.org/D52566" rel=3D"noreferrer noreferrer" target=3D"_blank">h=
ttps://reviews.freebsd.org/D52566</a><br>
&gt;&gt;&gt; <br>
&gt;&gt;&gt;=C2=A0 =C2=A0(cherry picked from commit<br>
&gt;&gt;&gt; 0418e6690e91aa6c38dd9af9da43c4c5a9dc1cd2) (cherry picked from<=
br>
&gt;&gt;&gt; commit b1c96e54b906d0cdea0b5a9c74cc295803dfe50e)=C2=A0 <br>
&gt;&gt; Why is this cherry picked from two commits? Shouldn&#39;t this be =
only<br>
&gt;&gt; cherry picked from the commit to the main branch?<br>
&gt;&gt; <br>
&gt;&gt; Best regards<br>
&gt;&gt; Michael<br>
&gt; <br>
&gt; It&#39;s common to cherry-pick from stable to older-stable.=C2=A0 This=
 was<br>
&gt; likely cherry-picked from stable/15, which was cherry-picked from main=
.<br>
That is why I am asking.<br>
<br>
My understanding is that we should<br>
* MFC from main to stable/15<br>
* MFC from main to stable/14<br>
* MFC from stable/14 to releng/14.4<br>
<br>
So I might be wrong and and I should actually do instead<br>
* MFC from main to stable/15<br>
* MFC from stable/15 to stable/14<br>
* MFC from stable/14 to releng/14.4<br>
<br>
I know that releng/14.4 does not exist, but there is a time window<br>
we can get changes into relen/14.4 with approval from re@.<br>
<br>
I would just like to know how I should MFC to stable/14...<br></blockquote>=
</div></div><div dir=3D"auto"><br></div><div dir=3D"auto">Either way works.=
 Without conflicts I do main to both. With conflicts I do main to 15 and th=
en 15 to 14. For releng, it&#39;s always from the stable branch.</div><div =
dir=3D"auto"><br></div><div dir=3D"auto">Warner</div><div dir=3D"auto"><br>=
</div><div dir=3D"auto"><div class=3D"gmail_quote gmail_quote_container"><b=
lockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px =
#ccc solid;padding-left:1ex">
Best regards<br>
Michael<br>
&gt; <br>
&gt; - Justin<br>
&gt; <br>
&gt;&gt;&gt; ---<br>
&gt;&gt;&gt; sys/netpfil/ipfw/ip_fw2.c | 7 +++++++<br>
&gt;&gt;&gt; 1 file changed, 7 insertions(+)<br>
&gt;&gt;&gt; <br>
&gt;&gt;&gt; diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_f=
w2.c<br>
&gt;&gt;&gt; index 0e0ecd3c6b20..928ccefe4803 100644<br>
&gt;&gt;&gt; --- a/sys/netpfil/ipfw/ip_fw2.c<br>
&gt;&gt;&gt; +++ b/sys/netpfil/ipfw/ip_fw2.c<br>
&gt;&gt;&gt; @@ -67,6 +67,7 @@<br>
&gt;&gt;&gt; #include &lt;net/route/nhop.h&gt;<br>
&gt;&gt;&gt; #include &lt;net/pfil.h&gt;<br>
&gt;&gt;&gt; #include &lt;net/vnet.h&gt;<br>
&gt;&gt;&gt; +#include &lt;net/if_gif.h&gt;<br>
&gt;&gt;&gt; #include &lt;net/if_pfsync.h&gt;<br>
&gt;&gt;&gt; <br>
&gt;&gt;&gt; #include &lt;netpfil/pf/pf_mtag.h&gt;<br>
&gt;&gt;&gt; @@ -1717,6 +1718,12 @@ do { \<br>
&gt;&gt;&gt; PULLUP_TO(hlen, ulp, struct ip);<br>
&gt;&gt;&gt; break;<br>
&gt;&gt;&gt; <br>
&gt;&gt;&gt; + case IPPROTO_ETHERIP: /* RFC 3378 */<br>
&gt;&gt;&gt; + PULLUP_LEN(hlen, ulp,<br>
&gt;&gt;&gt; +=C2=A0 =C2=A0 sizeof(struct etherip_header) +<br>
&gt;&gt;&gt; +=C2=A0 =C2=A0 sizeof(struct ether_header));<br>
&gt;&gt;&gt; + break;<br>
&gt;&gt;&gt; +<br>
&gt;&gt;&gt; case IPPROTO_PFSYNC:<br>
&gt;&gt;&gt; PULLUP_TO(hlen, ulp, struct pfsync_header);<br>
&gt;&gt;&gt; break;=C2=A0 <br>
&gt;&gt; <br>
&gt; <br>
<br>
</blockquote></div></div></div>

--00000000000005aaa4063fcd2e65--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CANCZdfqvqVDR7uHtUnT1%2B6TrH7VPo9%2BsT9GjxLQQ-GXLMU2qpA>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation