From owner-freebsd-pf@FreeBSD.ORG  Mon Aug 15 15:29:03 2005
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EFBA816A41F
	for <freebsd-pf@freebsd.org>; Mon, 15 Aug 2005 15:29:02 +0000 (GMT)
	(envelope-from max@love2party.net)
Received: from moutng.kundenserver.de (moutng.kundenserver.de
	[212.227.126.171])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 581D243D6A
	for <freebsd-pf@freebsd.org>; Mon, 15 Aug 2005 15:28:56 +0000 (GMT)
	(envelope-from max@love2party.net)
Received: from p54A3ED51.dip.t-dialin.net [84.163.237.81]
	(helo=donor.laier.local)
	by mrelayeu.kundenserver.de with ESMTP (Nemesis),
	id 0ML25U-1E4gtS1nwz-0005Dk; Mon, 15 Aug 2005 17:28:54 +0200
From: Max Laier <max@love2party.net>
To: freebsd-pf@freebsd.org
Date: Mon, 15 Aug 2005 17:28:37 +0200
User-Agent: KMail/1.8.2
References: <42FF47A2.1090208@yuckfou.org>
	<48239d39050815042096f9890@mail.gmail.com>
	<20050815143449.GA32151@insomnia.benzedrine.cx>
In-Reply-To: <20050815143449.GA32151@insomnia.benzedrine.cx>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="nextPart17843871.CkQWrrVyAs";
	protocol="application/pgp-signature"; micalg=pgp-sha1
Content-Transfer-Encoding: 7bit
Message-Id: <200508151728.51489.max@love2party.net>
X-Provags-ID: kundenserver.de abuse@kundenserver.de
	login:61c499deaeeba3ba5be80f48ecc83056
Cc: 
Subject: Re: Fwd: Dual-feed: PF setup troubles
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Aug 2005 15:29:03 -0000

--nextPart17843871.CkQWrrVyAs
Content-Type: multipart/mixed;
  boundary="Boundary-01=_uSLADTKtcBjGrXZ"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--Boundary-01=_uSLADTKtcBjGrXZ
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

On Monday 15 August 2005 16:34, Daniel Hartmeier wrote:
> I suspect the loop occurs through sys/net/if_ethersubr.c ether_output()
> You route-to the broadcast packet, pf will call ether_output() to send
> it out through the new interface, and this piece of code in there will
> send it right back in through that interface again. If your ruleset then
> routes that resent packet again, you get a tight endless loop, locking
> up the kernel, like you describe.

Good catch!

> OpenBSD doesn't have this piece in ether_output(), I'm not sure in what
> cases people want outgoing broadcasts on an interface reflected back at
> them by the stack.

In fact OpenBSD has this code as well, though in it's old/original form. =20
However, in version 1.70 you introduced the fix:

line 283:
                /* If broadcasting on a simplex interface, loopback a copy =
*/
                if ((m->m_flags & M_BCAST) && (ifp->if_flags & IFF_SIMPLEX)=
 &&
                    m_tag_find(m, PACKET_TAG_PF_ROUTED, NULL) =3D=3D NULL)
                        mcopy =3D m_copy(m, 0, (int)M_COPYALL);

Attached is a patch to reproduce this in FreeBSD, can you please try?  I am=
=20
not 100% that this is the right fix, or if it is better to do the relooping=
=20
as well telling pf not to re-route it again (e.g. via PF_GENERATED), though=
=20
this has different gotchas.

=2D-=20
/"\  Best regards,                      | mlaier@freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News

--Boundary-01=_uSLADTKtcBjGrXZ
Content-Type: text/x-diff;
  charset="iso-8859-1";
  name="routefix.diff"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
	filename="routefix.diff"

Index: if_ethersubr.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /usr/store/mlaier/fcvs/src/sys/net/if_ethersubr.c,v
retrieving revision 1.196
diff -u -r1.196 if_ethersubr.c
=2D-- if_ethersubr.c	9 Aug 2005 10:19:58 -0000	1.196
+++ if_ethersubr.c	15 Aug 2005 15:14:34 -0000
@@ -310,7 +310,8 @@
 	 * on the wire). However, we don't do that here for security
 	 * reasons and compatibility with the original behavior.
 	 */
=2D	if ((ifp->if_flags & IFF_SIMPLEX) && (loop_copy !=3D -1)) {
+	if ((ifp->if_flags & IFF_SIMPLEX) && (loop_copy !=3D -1) &&
+	    m_tag_find(m, PACKET_TAG_PF_ROUTED, NULL) =3D=3D NULL) {
 		int csum_flags =3D 0;
=20
 		if (m->m_pkthdr.csum_flags & CSUM_IP)

--Boundary-01=_uSLADTKtcBjGrXZ--

--nextPart17843871.CkQWrrVyAs
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQBDALSzXyyEoT62BG0RAmpFAJkB2qq9+V7OduQmpVNNC7GKQilmOgCeJW3u
gkXREYcyNJBgyhos320uciE=
=vGpQ
-----END PGP SIGNATURE-----

--nextPart17843871.CkQWrrVyAs--