Date: Mon, 29 Sep 2025 11:22:15 +0800 From: Zhenlei Huang <zlei@FreeBSD.org> To: Justin Hibbits <chmeee@has.gonegalt.net> Cc: Michael Tuexen <tuexen@FreeBSD.org>, "src-committers@freebsd.org" <src-committers@FreeBSD.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@FreeBSD.org>, "dev-commits-src-branches@freebsd.org" <dev-commits-src-branches@FreeBSD.org>, Warner Losh <imp@bsdimp.com> Subject: Re: git: b4c6c3db0379 - stable/14 - ipfw: Teach ipfw that EtherIP is an upper layer protocol Message-ID: <BB56F074-F352-48CB-BE97-0BA280B5A232@FreeBSD.org> In-Reply-To: <20250927143548.661e75f7@ralga.knownspace> References: <202509271513.58RFDst3083057@gitrepo.freebsd.org> <44DAB9B2-B037-49B0-9153-90B4CFBB6234@FreeBSD.org> <20250927143548.661e75f7@ralga.knownspace>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] > On Sep 28, 2025, at 2:35 AM, Justin Hibbits <chmeee@has.gonegalt.net> wrote: > > On Sat, 27 Sep 2025 20:32:20 +0200 > Michael Tuexen <tuexen@FreeBSD.org <mailto:tuexen@FreeBSD.org>> wrote: > >>> On 27. Sep 2025, at 17:13, Zhenlei Huang <zlei@FreeBSD.org> wrote: >>> >>> The branch stable/14 has been updated by zlei: >>> >>> URL: >>> https://cgit.FreeBSD.org/src/commit/?id=b4c6c3db0379a5b3d34143325805cd7e68cf3d9a >>> >>> commit b4c6c3db0379a5b3d34143325805cd7e68cf3d9a >>> Author: Zhenlei Huang <zlei@FreeBSD.org> >>> AuthorDate: 2025-09-16 15:58:24 +0000 >>> Commit: Zhenlei Huang <zlei@FreeBSD.org> >>> CommitDate: 2025-09-27 15:11:35 +0000 >>> >>> ipfw: Teach ipfw that EtherIP is an upper layer protocol >>> >>> so that we do not discard EtherIP packets ( over IPv6 network ) >>> when net.inet6.ip6.fw.deny_unknown_exthdrs is set to 1 ( which is >>> the default value ). >>> >>> PR: 227450 >>> Reviewed by: ae, #network >>> MFC after: 1 week >>> Differential Revision: https://reviews.freebsd.org/D52566 >>> >>> (cherry picked from commit >>> 0418e6690e91aa6c38dd9af9da43c4c5a9dc1cd2) (cherry picked from >>> commit b1c96e54b906d0cdea0b5a9c74cc295803dfe50e) >> Why is this cherry picked from two commits? Shouldn't this be only >> cherry picked from the commit to the main branch? >> >> Best regards >> Michael > > It's common to cherry-pick from stable to older-stable. This was > likely cherry-picked from stable/15, which was cherry-picked from main. Exactly ! I have ever encountered merge conflicts when doing MFC and it is painful to resolve the conflicts multiple times when MFCing to older branches. Also it it likely that branches will no drift too much between closer ones and less conflicts can happen, e.g. stable/15 and stable/14, but not main and stable/14, As Warner pointed out, if no merge conflicts happens then it is OK to MFC from main to older branches. To make it simple ( I'm a little lazy ~ ) I'd always choose MFC from a near branch. Best regards, Zhenlei > > - Justin > >>> --- >>> sys/netpfil/ipfw/ip_fw2.c | 7 +++++++ >>> 1 file changed, 7 insertions(+) >>> >>> diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_fw2.c >>> index 0e0ecd3c6b20..928ccefe4803 100644 >>> --- a/sys/netpfil/ipfw/ip_fw2.c >>> +++ b/sys/netpfil/ipfw/ip_fw2.c >>> @@ -67,6 +67,7 @@ >>> #include <net/route/nhop.h> >>> #include <net/pfil.h> >>> #include <net/vnet.h> >>> +#include <net/if_gif.h> >>> #include <net/if_pfsync.h> >>> >>> #include <netpfil/pf/pf_mtag.h> >>> @@ -1717,6 +1718,12 @@ do { \ >>> PULLUP_TO(hlen, ulp, struct ip); >>> break; >>> >>> + case IPPROTO_ETHERIP: /* RFC 3378 */ >>> + PULLUP_LEN(hlen, ulp, >>> + sizeof(struct etherip_header) + >>> + sizeof(struct ether_header)); >>> + break; >>> + >>> case IPPROTO_PFSYNC: >>> PULLUP_TO(hlen, ulp, struct pfsync_header); >>> break; [-- Attachment #2 --] <html><head><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On Sep 28, 2025, at 2:35 AM, Justin Hibbits <<a href="mailto:chmeee@has.gonegalt.net" class="">chmeee@has.gonegalt.net</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><meta charset="UTF-8" class=""><span style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;" class="">On Sat, 27 Sep 2025 20:32:20 +0200</span><br style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;" class=""><span style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;" class="">Michael Tuexen <</span><a href="mailto:tuexen@FreeBSD.org" style="font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;" class="">tuexen@FreeBSD.org</a><span style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;" class="">> wrote:</span><br style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;" class=""><br style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;" class=""><blockquote type="cite" style="font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; text-decoration: none;" class=""><blockquote type="cite" class="">On 27. Sep 2025, at 17:13, Zhenlei Huang <<a href="mailto:zlei@FreeBSD.org" class="">zlei@FreeBSD.org</a>> wrote:<br class=""><br class="">The branch stable/14 has been updated by zlei:<br class=""><br class="">URL:<br class=""><a href="https://cgit.FreeBSD.org/src/commit/?id=b4c6c3db0379a5b3d34143325805cd7e68cf3d9a" class="">https://cgit.FreeBSD.org/src/commit/?id=b4c6c3db0379a5b3d34143325805cd7e68cf3d9a</a><br class=""><br class="">commit b4c6c3db0379a5b3d34143325805cd7e68cf3d9a<br class="">Author: Zhenlei Huang <zlei@FreeBSD.org><br class="">AuthorDate: 2025-09-16 15:58:24 +0000<br class="">Commit: Zhenlei Huang <zlei@FreeBSD.org><br class="">CommitDate: 2025-09-27 15:11:35 +0000<br class=""><br class=""> ipfw: Teach ipfw that EtherIP is an upper layer protocol<br class=""><br class=""> so that we do not discard EtherIP packets ( over IPv6 network )<br class="">when net.inet6.ip6.fw.deny_unknown_exthdrs is set to 1 ( which is<br class="">the default value ).<br class=""><br class=""> PR: 227450<br class=""> Reviewed by: ae, #network<br class=""> MFC after: 1 week<br class=""> Differential Revision: https://reviews.freebsd.org/D52566<br class=""><br class=""> (cherry picked from commit<br class="">0418e6690e91aa6c38dd9af9da43c4c5a9dc1cd2) (cherry picked from<br class="">commit b1c96e54b906d0cdea0b5a9c74cc295803dfe50e) <br class=""></blockquote>Why is this cherry picked from two commits? Shouldn't this be only<br class="">cherry picked from the commit to the main branch?<br class=""><br class="">Best regards<br class="">Michael<br class=""></blockquote><br style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;" class=""><span style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;" class="">It's common to cherry-pick from stable to older-stable. This was</span><br style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;" class=""><span style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;" class="">likely cherry-picked from stable/15, which was cherry-picked from main.</span><br style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;" class=""></div></blockquote><div><br class=""></div><div>Exactly !</div><div><br class=""></div><div>I have ever encountered merge conflicts when doing MFC and it is painful to resolve the conflicts multiple times when</div><div>MFCing to older branches.</div><div><br class=""></div><div>Also it it likely that branches will no drift too much between closer ones and less <span style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);" class="">conflicts can happen</span>, e.g. stable/15 and stable/14, but not main and stable/14,</div><div><br class=""></div><div>As Warner pointed out, if no merge conflicts happens then it is OK to MFC from main to older branches.</div><div><br class=""></div><div><span style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);" class="">To make it simple ( I'm a little lazy ~ ) I'd always choose MFC from a near branch.</span></div><div><span style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);" class=""><br class=""></span></div><div><div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">Best regards,</div><div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">Zhenlei</div></div><br class=""><blockquote type="cite" class=""><div class=""><br style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;" class=""><span style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;" class="">- Justin</span><br style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;" class=""><br style="caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;" class=""><blockquote type="cite" style="font-family: Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; text-decoration: none;" class=""><blockquote type="cite" class="">---<br class="">sys/netpfil/ipfw/ip_fw2.c | 7 +++++++<br class="">1 file changed, 7 insertions(+)<br class=""><br class="">diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_fw2.c<br class="">index 0e0ecd3c6b20..928ccefe4803 100644<br class="">--- a/sys/netpfil/ipfw/ip_fw2.c<br class="">+++ b/sys/netpfil/ipfw/ip_fw2.c<br class="">@@ -67,6 +67,7 @@<br class="">#include <net/route/nhop.h><br class="">#include <net/pfil.h><br class="">#include <net/vnet.h><br class="">+#include <net/if_gif.h><br class="">#include <net/if_pfsync.h><br class=""><br class="">#include <netpfil/pf/pf_mtag.h><br class="">@@ -1717,6 +1718,12 @@ do { \<br class="">PULLUP_TO(hlen, ulp, struct ip);<br class="">break;<br class=""><br class="">+ case IPPROTO_ETHERIP: /* RFC 3378 */<br class="">+ PULLUP_LEN(hlen, ulp,<br class="">+ sizeof(struct etherip_header) +<br class="">+ sizeof(struct ether_header));<br class="">+ break;<br class="">+<br class="">case IPPROTO_PFSYNC:<br class="">PULLUP_TO(hlen, ulp, struct pfsync_header);<br class="">break; </blockquote></blockquote></div></blockquote></div><div class=""><div><br class=""></div> </div> <br class=""></body></html>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BB56F074-F352-48CB-BE97-0BA280B5A232>