From owner-freebsd-ipfw@freebsd.org  Thu Aug 13 15:20:43 2015
Return-Path: <owner-freebsd-ipfw@freebsd.org>
Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E37DE9A094D
 for <freebsd-ipfw@mailman.ysv.freebsd.org>;
 Thu, 13 Aug 2015 15:20:43 +0000 (UTC)
 (envelope-from melifaro@ipfw.ru)
Received: from forward13h.cmail.yandex.net (forward13h.cmail.yandex.net
 [87.250.230.155])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "forwards.mail.yandex.net",
 Issuer "Certum Level IV CA" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 96C9BE69;
 Thu, 13 Aug 2015 15:20:43 +0000 (UTC)
 (envelope-from melifaro@ipfw.ru)
Received: from web29h.yandex.ru (web29h.yandex.ru [IPv6:2a02:6b8:0:f05::39])
 by forward13h.cmail.yandex.net (Yandex) with ESMTP id 9E18E20DCE;
 Thu, 13 Aug 2015 18:20:32 +0300 (MSK)
Received: from 127.0.0.1 (localhost [127.0.0.1])
 by web29h.yandex.ru (Yandex) with ESMTP id D25142FC0C82;
 Thu, 13 Aug 2015 18:20:31 +0300 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfw.ru; s=mail;
 t=1439479232; bh=X4JYKS7ivfD1ZjFc8ESCHCy2bcDHBktwRi+3yYotVTg=;
 h=From:To:Cc:In-Reply-To:References:Subject:Date;
 b=smTbiv3EPGU77cwDgFAv+y9XWJPzf69J3P7Tda3Xx01Ow/7yLeCxd8xMab9W0mS6m
 uU9IZnbWHTNX21YbsMgnGkOoFWMjP6zZiRuVx1/drRmbzK4lWPX49pkZq+9CXV456t
 0THTJabOzo5uKMEk7Cvo0Ii0euSylU6z8dRX09fI=
Received: by web29h.yandex.ru with HTTP;
	Thu, 13 Aug 2015 18:20:29 +0300
From: Alexander V. Chernikov <melifaro@ipfw.ru>
To: Julian Elischer <julian@freebsd.org>, Ian Smith <smithi@nimnet.asn.au>,
 Luigi Rizzo <rizzo@iet.unipi.it>
Cc: "freebsd-ipfw@freebsd.org" <freebsd-ipfw@freebsd.org>
In-Reply-To: <55CCB543.20504@freebsd.org>
References: <55BF368A.60004@elischer.org>
 <20150803234952.O17327@sola.nimnet.asn.au> <925201438613458@web7h.yandex.ru>
 <55BFC7A7.2000907@freebsd.org> <252361438673995@web5h.yandex.ru>
 <55CC1BFF.5090800@freebsd.org> <20150813233624.P8515@sola.nimnet.asn.au>
 <CA+hQ2+g-kU9U1nK-EOiuoEkBF=SAaX=RBETW69K+NrLAcQK1Ew@mail.gmail.com>
 <20150814003533.I8515@sola.nimnet.asn.au> <55CCB543.20504@freebsd.org>
Subject: Re: ipfw delete 100-300
MIME-Version: 1.0
Message-Id: <926891439479229@web29h.yandex.ru>
X-Mailer: Yamail [ http://yandex.ru ] 5.0
Date: Thu, 13 Aug 2015 18:20:29 +0300
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=koi8-r
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw/>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Aug 2015 15:20:44 -0000



13.08.2015, 18:19, "Julian Elischer" <julian@freebsd.org>:
> On 8/13/15 10:41 PM, Ian Smith wrote:
>> šOn Thu, 13 Aug 2015 16:30:15 +0200, Luigi Rizzo wrote:
>> ššš> On Thu, Aug 13, 2015 at 4:00 PM, Ian Smith <smithi@nimnet.asn.au> wrote:
>> ššš> > On Thu, 13 Aug 2015 12:24:31 +0800, Julian Elischer wrote:
>> ššš> > > BTW, any ideas as to what causes this?
>> ššš> > > # ipfw show
>> ššš> > > [...]
>> ššš> > > 00400 0 0 deny ip from 10.12.1.0/24 to any in recv
>> ššš> > > xn0
>> ššš> > > 00500 0 16045693110842147038 deny ip from 204.109.63.0/25 to any in recv
>> ššš> > > xn1
>> ššš> > > 00600 0 0 allow ip from any to any in recv xn1
>> ššš> > > [...]
>> ššš> > > 65535 8251 16045693110842147290 deny ip from any to any
>> ššš> > >
>> ššš> > >
>> ššš> > > -current as of the 5th of august
>> ššš> > > FreeBSD vps1.elischer.org 11.0-CURRENT FreeBSD 11.0-CURRENT #1 r286304: Wed
>> ššš> > > Aug 5 14:31:10 PDT 2015
>> ššš> > > root@vps1.elischer.org:/usr/obj/usr/src-current/sys/VPS1 i386
>> ššš> > >
>> ššš> > > note i386, not amd64.
>> ššš> >
>> ššš> > Assuming all digits were shown, on a wild hunch:
>> ššš> >
>> ššš> > t23% echo 'scale=20; 2^64 - 16045693110842147038' | bc
>> ššš> > 2401050962867404578
>> ššš> > t23% echo 'scale=20; 2^63 - 16045693110842147038' | bc
>> ššš> > -6822321073987371230
>> ššš> >
>> ššš>
>> ššš> bc
>> ššš> obase=16
>> ššš> 16045693110842147038
>> ššš> DEADC0DEDEADC0DE
>> ššš>
>> ššš> so... somehow pointing in a bad place.
>>
>> šAh, quite so .. and rule 65535 looks like a slightly worse place.
>>
>> št23% echo 'obase=16; 16045693110842147290' | bc
>> šDEADC0DEDEADC1DA
>
> that's deadcode when it's had some packets added to it :-)
>
> I think our friend Mr Chernikov may have tripped up over something..
Well, I'll take a look on it when I setup an i386 vm :)
Not easy to find one these days..
>
>> šthanks, Ian