Date: Mon, 29 Sep 2025 11:22:15 +0800 From: Zhenlei Huang <zlei@FreeBSD.org> To: Justin Hibbits <chmeee@has.gonegalt.net> Cc: Michael Tuexen <tuexen@FreeBSD.org>, "src-committers@freebsd.org" <src-committers@FreeBSD.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@FreeBSD.org>, "dev-commits-src-branches@freebsd.org" <dev-commits-src-branches@FreeBSD.org>, Warner Losh <imp@bsdimp.com> Subject: Re: git: b4c6c3db0379 - stable/14 - ipfw: Teach ipfw that EtherIP is an upper layer protocol Message-ID: <BB56F074-F352-48CB-BE97-0BA280B5A232@FreeBSD.org> In-Reply-To: <20250927143548.661e75f7@ralga.knownspace> References: <202509271513.58RFDst3083057@gitrepo.freebsd.org> <44DAB9B2-B037-49B0-9153-90B4CFBB6234@FreeBSD.org> <20250927143548.661e75f7@ralga.knownspace>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_A963760F-6B49-4366-A5BC-DC8BF57C03DA Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > On Sep 28, 2025, at 2:35 AM, Justin Hibbits <chmeee@has.gonegalt.net> = wrote: >=20 > On Sat, 27 Sep 2025 20:32:20 +0200 > Michael Tuexen <tuexen@FreeBSD.org <mailto:tuexen@FreeBSD.org>> wrote: >=20 >>> On 27. Sep 2025, at 17:13, Zhenlei Huang <zlei@FreeBSD.org> wrote: >>>=20 >>> The branch stable/14 has been updated by zlei: >>>=20 >>> URL: >>> = https://cgit.FreeBSD.org/src/commit/?id=3Db4c6c3db0379a5b3d34143325805cd7e= 68cf3d9a >>>=20 >>> commit b4c6c3db0379a5b3d34143325805cd7e68cf3d9a >>> Author: Zhenlei Huang <zlei@FreeBSD.org> >>> AuthorDate: 2025-09-16 15:58:24 +0000 >>> Commit: Zhenlei Huang <zlei@FreeBSD.org> >>> CommitDate: 2025-09-27 15:11:35 +0000 >>>=20 >>> ipfw: Teach ipfw that EtherIP is an upper layer protocol >>>=20 >>> so that we do not discard EtherIP packets ( over IPv6 network ) >>> when net.inet6.ip6.fw.deny_unknown_exthdrs is set to 1 ( which is >>> the default value ). >>>=20 >>> PR: 227450 >>> Reviewed by: ae, #network >>> MFC after: 1 week >>> Differential Revision: https://reviews.freebsd.org/D52566 >>>=20 >>> (cherry picked from commit >>> 0418e6690e91aa6c38dd9af9da43c4c5a9dc1cd2) (cherry picked from >>> commit b1c96e54b906d0cdea0b5a9c74cc295803dfe50e) =20 >> Why is this cherry picked from two commits? Shouldn't this be only >> cherry picked from the commit to the main branch? >>=20 >> Best regards >> Michael >=20 > It's common to cherry-pick from stable to older-stable. This was > likely cherry-picked from stable/15, which was cherry-picked from = main. Exactly ! I have ever encountered merge conflicts when doing MFC and it is painful = to resolve the conflicts multiple times when MFCing to older branches. Also it it likely that branches will no drift too much between closer = ones and less conflicts can happen, e.g. stable/15 and stable/14, but = not main and stable/14, As Warner pointed out, if no merge conflicts happens then it is OK to = MFC from main to older branches. To make it simple ( I'm a little lazy ~ ) I'd always choose MFC from a = near branch. Best regards, Zhenlei >=20 > - Justin >=20 >>> --- >>> sys/netpfil/ipfw/ip_fw2.c | 7 +++++++ >>> 1 file changed, 7 insertions(+) >>>=20 >>> diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_fw2.c >>> index 0e0ecd3c6b20..928ccefe4803 100644 >>> --- a/sys/netpfil/ipfw/ip_fw2.c >>> +++ b/sys/netpfil/ipfw/ip_fw2.c >>> @@ -67,6 +67,7 @@ >>> #include <net/route/nhop.h> >>> #include <net/pfil.h> >>> #include <net/vnet.h> >>> +#include <net/if_gif.h> >>> #include <net/if_pfsync.h> >>>=20 >>> #include <netpfil/pf/pf_mtag.h> >>> @@ -1717,6 +1718,12 @@ do { \ >>> PULLUP_TO(hlen, ulp, struct ip); >>> break; >>>=20 >>> + case IPPROTO_ETHERIP: /* RFC 3378 */ >>> + PULLUP_LEN(hlen, ulp, >>> + sizeof(struct etherip_header) + >>> + sizeof(struct ether_header)); >>> + break; >>> + >>> case IPPROTO_PFSYNC: >>> PULLUP_TO(hlen, ulp, struct pfsync_header); >>> break; =20 --Apple-Mail=_A963760F-6B49-4366-A5BC-DC8BF57C03DA Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii <html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; = charset=3Dus-ascii"></head><body style=3D"word-wrap: break-word; = -webkit-nbsp-mode: space; line-break: after-white-space;" class=3D""><br = class=3D""><div><br class=3D""><blockquote type=3D"cite" class=3D""><div = class=3D"">On Sep 28, 2025, at 2:35 AM, Justin Hibbits <<a = href=3D"mailto:chmeee@has.gonegalt.net" = class=3D"">chmeee@has.gonegalt.net</a>> wrote:</div><br = class=3D"Apple-interchange-newline"><div class=3D""><meta = charset=3D"UTF-8" class=3D""><span style=3D"caret-color: rgb(0, 0, 0); = font-family: Menlo-Regular; font-size: 13px; font-style: normal; = font-variant-caps: normal; font-weight: 400; letter-spacing: normal; = text-align: start; text-indent: 0px; text-transform: none; white-space: = normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; = text-decoration: none; float: none; display: inline !important;" = class=3D"">On Sat, 27 Sep 2025 20:32:20 +0200</span><br = style=3D"caret-color: rgb(0, 0, 0); font-family: Menlo-Regular; = font-size: 13px; font-style: normal; font-variant-caps: normal; = font-weight: 400; letter-spacing: normal; text-align: start; = text-indent: 0px; text-transform: none; white-space: normal; = word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: = none;" class=3D""><span style=3D"caret-color: rgb(0, 0, 0); font-family: = Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: = normal; font-weight: 400; letter-spacing: normal; text-align: start; = text-indent: 0px; text-transform: none; white-space: normal; = word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: = none; float: none; display: inline !important;" class=3D"">Michael = Tuexen <</span><a href=3D"mailto:tuexen@FreeBSD.org" = style=3D"font-family: Menlo-Regular; font-size: 13px; font-style: = normal; font-variant-caps: normal; font-weight: 400; letter-spacing: = normal; orphans: auto; text-align: start; text-indent: 0px; = text-transform: none; white-space: normal; widows: auto; word-spacing: = 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;" = class=3D"">tuexen@FreeBSD.org</a><span style=3D"caret-color: rgb(0, 0, = 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; = font-variant-caps: normal; font-weight: 400; letter-spacing: normal; = text-align: start; text-indent: 0px; text-transform: none; white-space: = normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; = text-decoration: none; float: none; display: inline !important;" = class=3D"">> wrote:</span><br style=3D"caret-color: rgb(0, 0, 0); = font-family: Menlo-Regular; font-size: 13px; font-style: normal; = font-variant-caps: normal; font-weight: 400; letter-spacing: normal; = text-align: start; text-indent: 0px; text-transform: none; white-space: = normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; = text-decoration: none;" class=3D""><br style=3D"caret-color: rgb(0, 0, = 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; = font-variant-caps: normal; font-weight: 400; letter-spacing: normal; = text-align: start; text-indent: 0px; text-transform: none; white-space: = normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; = text-decoration: none;" class=3D""><blockquote type=3D"cite" = style=3D"font-family: Menlo-Regular; font-size: 13px; font-style: = normal; font-variant-caps: normal; font-weight: 400; letter-spacing: = normal; orphans: auto; text-align: start; text-indent: 0px; = text-transform: none; white-space: normal; widows: auto; word-spacing: = 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; = text-decoration: none;" class=3D""><blockquote type=3D"cite" class=3D"">On= 27. Sep 2025, at 17:13, Zhenlei Huang <<a = href=3D"mailto:zlei@FreeBSD.org" class=3D"">zlei@FreeBSD.org</a>> = wrote:<br class=3D""><br class=3D"">The branch stable/14 has been = updated by zlei:<br class=3D""><br class=3D"">URL:<br class=3D""><a = href=3D"https://cgit.FreeBSD.org/src/commit/?id=3Db4c6c3db0379a5b3d3414332= 5805cd7e68cf3d9a" = class=3D"">https://cgit.FreeBSD.org/src/commit/?id=3Db4c6c3db0379a5b3d3414= 3325805cd7e68cf3d9a</a><br class=3D""><br class=3D"">commit = b4c6c3db0379a5b3d34143325805cd7e68cf3d9a<br class=3D"">Author: = Zhenlei Huang <zlei@FreeBSD.org><br = class=3D"">AuthorDate: 2025-09-16 15:58:24 +0000<br class=3D"">Commit: = Zhenlei Huang <zlei@FreeBSD.org><br = class=3D"">CommitDate: 2025-09-27 15:11:35 +0000<br class=3D""><br = class=3D""> ipfw: Teach ipfw that EtherIP is an upper layer = protocol<br class=3D""><br class=3D""> so that we do not = discard EtherIP packets ( over IPv6 network )<br class=3D"">when = net.inet6.ip6.fw.deny_unknown_exthdrs is set to 1 ( which is<br = class=3D"">the default value ).<br class=3D""><br = class=3D""> PR: = 22= 7450<br class=3D""> Reviewed by: ae, = #network<br class=3D""> MFC after: = 1 week<br = class=3D""> Differential Revision: = https://reviews.freebsd.org/D52566<br class=3D""><br = class=3D""> (cherry picked from commit<br = class=3D"">0418e6690e91aa6c38dd9af9da43c4c5a9dc1cd2) (cherry picked = from<br class=3D"">commit b1c96e54b906d0cdea0b5a9c74cc295803dfe50e) = <br class=3D""></blockquote>Why is this cherry picked from two = commits? Shouldn't this be only<br class=3D"">cherry picked from the = commit to the main branch?<br class=3D""><br class=3D"">Best regards<br = class=3D"">Michael<br class=3D""></blockquote><br style=3D"caret-color: = rgb(0, 0, 0); font-family: Menlo-Regular; font-size: 13px; font-style: = normal; font-variant-caps: normal; font-weight: 400; letter-spacing: = normal; text-align: start; text-indent: 0px; text-transform: none; = white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; = text-decoration: none;" class=3D""><span style=3D"caret-color: rgb(0, 0, = 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; = font-variant-caps: normal; font-weight: 400; letter-spacing: normal; = text-align: start; text-indent: 0px; text-transform: none; white-space: = normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; = text-decoration: none; float: none; display: inline !important;" = class=3D"">It's common to cherry-pick from stable to older-stable. = This was</span><br style=3D"caret-color: rgb(0, 0, 0); = font-family: Menlo-Regular; font-size: 13px; font-style: normal; = font-variant-caps: normal; font-weight: 400; letter-spacing: normal; = text-align: start; text-indent: 0px; text-transform: none; white-space: = normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; = text-decoration: none;" class=3D""><span style=3D"caret-color: rgb(0, 0, = 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; = font-variant-caps: normal; font-weight: 400; letter-spacing: normal; = text-align: start; text-indent: 0px; text-transform: none; white-space: = normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; = text-decoration: none; float: none; display: inline !important;" = class=3D"">likely cherry-picked from stable/15, which was cherry-picked = from main.</span><br style=3D"caret-color: rgb(0, 0, 0); font-family: = Menlo-Regular; font-size: 13px; font-style: normal; font-variant-caps: = normal; font-weight: 400; letter-spacing: normal; text-align: start; = text-indent: 0px; text-transform: none; white-space: normal; = word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: = none;" class=3D""></div></blockquote><div><br = class=3D""></div><div>Exactly !</div><div><br class=3D""></div><div>I = have ever encountered merge conflicts when doing MFC and it is painful = to resolve the conflicts multiple times when</div><div>MFCing to older = branches.</div><div><br class=3D""></div><div>Also it it likely that = branches will no drift too much between closer ones and less <span = style=3D"caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);" = class=3D"">conflicts can happen</span>, e.g. stable/15 and stable/14, = but not main and stable/14,</div><div><br class=3D""></div><div>As = Warner pointed out, if no merge conflicts happens then it is OK to MFC = from main to older branches.</div><div><br class=3D""></div><div><span = style=3D"caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);" class=3D"">To = make it simple ( I'm a little lazy ~ ) I'd always choose MFC from a near = branch.</span></div><div><span style=3D"caret-color: rgb(0, 0, 0); = color: rgb(0, 0, 0);" class=3D""><br class=3D""></span></div><div><div = style=3D"caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">Best = regards,</div><div style=3D"caret-color: rgb(0, 0, 0); color: rgb(0, 0, = 0);">Zhenlei</div></div><br class=3D""><blockquote type=3D"cite" = class=3D""><div class=3D""><br style=3D"caret-color: rgb(0, 0, 0); = font-family: Menlo-Regular; font-size: 13px; font-style: normal; = font-variant-caps: normal; font-weight: 400; letter-spacing: normal; = text-align: start; text-indent: 0px; text-transform: none; white-space: = normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; = text-decoration: none;" class=3D""><span style=3D"caret-color: rgb(0, 0, = 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; = font-variant-caps: normal; font-weight: 400; letter-spacing: normal; = text-align: start; text-indent: 0px; text-transform: none; white-space: = normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; = text-decoration: none; float: none; display: inline !important;" = class=3D"">- Justin</span><br style=3D"caret-color: rgb(0, 0, 0); = font-family: Menlo-Regular; font-size: 13px; font-style: normal; = font-variant-caps: normal; font-weight: 400; letter-spacing: normal; = text-align: start; text-indent: 0px; text-transform: none; white-space: = normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; = text-decoration: none;" class=3D""><br style=3D"caret-color: rgb(0, 0, = 0); font-family: Menlo-Regular; font-size: 13px; font-style: normal; = font-variant-caps: normal; font-weight: 400; letter-spacing: normal; = text-align: start; text-indent: 0px; text-transform: none; white-space: = normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; = text-decoration: none;" class=3D""><blockquote type=3D"cite" = style=3D"font-family: Menlo-Regular; font-size: 13px; font-style: = normal; font-variant-caps: normal; font-weight: 400; letter-spacing: = normal; orphans: auto; text-align: start; text-indent: 0px; = text-transform: none; white-space: normal; widows: auto; word-spacing: = 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; = text-decoration: none;" class=3D""><blockquote type=3D"cite" = class=3D"">---<br class=3D"">sys/netpfil/ipfw/ip_fw2.c | 7 +++++++<br = class=3D"">1 file changed, 7 insertions(+)<br class=3D""><br = class=3D"">diff --git a/sys/netpfil/ipfw/ip_fw2.c = b/sys/netpfil/ipfw/ip_fw2.c<br class=3D"">index = 0e0ecd3c6b20..928ccefe4803 100644<br class=3D"">--- = a/sys/netpfil/ipfw/ip_fw2.c<br class=3D"">+++ = b/sys/netpfil/ipfw/ip_fw2.c<br class=3D"">@@ -67,6 +67,7 @@<br = class=3D"">#include <net/route/nhop.h><br class=3D"">#include = <net/pfil.h><br class=3D"">#include <net/vnet.h><br = class=3D"">+#include <net/if_gif.h><br class=3D"">#include = <net/if_pfsync.h><br class=3D""><br class=3D"">#include = <netpfil/pf/pf_mtag.h><br class=3D"">@@ -1717,6 +1718,12 @@ do { = \<br class=3D"">PULLUP_TO(hlen, ulp, struct ip);<br class=3D"">break;<br = class=3D""><br class=3D"">+ case IPPROTO_ETHERIP: /* RFC 3378 */<br = class=3D"">+ PULLUP_LEN(hlen, ulp,<br class=3D"">+ = sizeof(struct etherip_header) +<br class=3D"">+ = sizeof(struct ether_header));<br class=3D"">+ = break;<br class=3D"">+<br class=3D"">case IPPROTO_PFSYNC:<br = class=3D"">PULLUP_TO(hlen, ulp, struct pfsync_header);<br = class=3D"">break; = </blockquote></blockquote></div></blockquote></div><div = class=3D""><div><br class=3D""></div> </div> <br class=3D""></body></html>= --Apple-Mail=_A963760F-6B49-4366-A5BC-DC8BF57C03DA--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BB56F074-F352-48CB-BE97-0BA280B5A232>