From owner-freebsd-net@FreeBSD.ORG Tue Nov 9 08:29:06 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CC61516A4CE; Tue, 9 Nov 2004 08:29:06 +0000 (GMT) Received: from relay.bestcom.ru (relay.bestcom.ru [217.72.144.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id E1FE143D54; Tue, 9 Nov 2004 08:29:05 +0000 (GMT) (envelope-from glebius@freebsd.org) Received: from cell.sick.ru (root@cell.sick.ru [217.72.144.68]) by relay.bestcom.ru (8.13.1/8.12.9) with ESMTP id iA98T4qw068240 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Tue, 9 Nov 2004 11:29:04 +0300 (MSK) (envelope-from glebius@freebsd.org) Received: from cell.sick.ru (glebius@localhost [127.0.0.1]) by cell.sick.ru (8.12.11/8.12.8) with ESMTP id iA98T3Bf042504 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 9 Nov 2004 11:29:04 +0300 (MSK) (envelope-from glebius@freebsd.org) Received: (from glebius@localhost) by cell.sick.ru (8.12.11/8.12.11/Submit) id iA98T3K2042503; Tue, 9 Nov 2004 11:29:03 +0300 (MSK) (envelope-from glebius@freebsd.org) X-Authentication-Warning: cell.sick.ru: glebius set sender to glebius@freebsd.org using -f Date: Tue, 9 Nov 2004 11:29:03 +0300 From: Gleb Smirnoff To: andre@freebsd.org Message-ID: <20041109082903.GA42446@cell.sick.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline User-Agent: Mutt/1.5.6i X-Virus-Scanned: clamd / ClamAV version devel-20041013, clamav-milter version 0.75l on 127.0.0.1 X-Virus-Status: Clean cc: net@freebsd.org Subject: ng_ksocket as divert socket is broken X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Nov 2004 08:29:06 -0000 Andre, I've recently noticed a regression between RELENG_5 and CURRENT. In CURRENT ng_ksocket is unable to work as divert socket. Since you have touched divert code recently I'm asking you. Today I'm going to dig deeply there, but probably you can give some ideas without investigation. A test for this functionality looks like this: /usr/sbin/ngctl -f- <<-SEQ mkpeer echo dummy dummy name .:dummy echo_div mkpeer echo_div: ksocket echo inet/raw/divert name echo_div:echo div_sock rmhook dummy msg div_sock: bind inet/0.0.0.0:8888 SEQ ipfw add 1000 divert 8888 all from any to any via fxp0 And packets should flow thru fxp0 in both directions. Do not try lo0, there are some problems in there. You also need this patch (going to commit it soon), if you are running INVARIANTS: --- ip_divert.c 25 Oct 2004 20:02:34 -0000 1.106 +++ ip_divert.c 9 Nov 2004 08:27:24 -0000 @@ -277,7 +277,7 @@ struct divert_tag *dt; int error = 0; - KASSERT(m->m_pkthdr.rcvif == NULL, ("rcvif not null")); + m->m_pkthdr.rcvif = NULL; if (control) m_freem(control); /* XXX */ -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE