From owner-freebsd-sparc64@FreeBSD.ORG Wed Jan 3 22:06:19 2007 Return-Path: X-Original-To: freebsd-sparc64@FreeBSD.org Delivered-To: freebsd-sparc64@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 32FD116A407 for ; Wed, 3 Jan 2007 22:06:19 +0000 (UTC) (envelope-from victor@unirc.eu) Received: from services.unirc.eu (88-149-154-117.f5.ngi.it [88.149.154.117]) by mx1.freebsd.org (Postfix) with ESMTP id CDFC213C465 for ; Wed, 3 Jan 2007 22:06:18 +0000 (UTC) (envelope-from victor@unirc.eu) Received: from [192.168.0.17] by services.unirc.eu with esmtp (Exim 4.63 (FreeBSD)) (envelope-from ) id 1H1U2K-0007fE-K5 for freebsd-sparc64@FreeBSD.org; Mon, 01 Jan 2007 21:45:36 +0100 Message-ID: <45997311.6070204@unirc.eu> Date: Mon, 01 Jan 2007 21:46:09 +0100 From: Victor Giusti User-Agent: Thunderbird 1.5.0.9 (X11/20061206) MIME-Version: 1.0 To: freebsd-sparc64@FreeBSD.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: ipfilter problem in sparc64 X-BeenThere: freebsd-sparc64@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting FreeBSD to the Sparc List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jan 2007 22:06:19 -0000 Hi all im have a sparc ultra 5 running freebsd 6.2-prerelease: FreeBSD hathor.unirc.eu 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #0: Thu Dec 28 21:29:39 CET 2006 victor@hathor.unirc.eu:/usr/src/sys/sparc64/compile/hathor sparc64 hathor# and one intel PIII running: %uname -a FreeBSD terbium 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #0: Thu Dec 28 23:18:22 CET 2006 victor@terbium:/mnt/data/src/sys/i386/compile/terbium i386 freebsd installed in the same day.. On Intel ipf it works ok but in sparc NO!!! im load the config and the network stop im not have DEFAULT_DROP option on the kernel this is my ipf config tested on the two systems: ------------ #acepto todo desde local host pass in quick on lo0 from any to any pass out quick on lo0 from any to any pass in quick on sis0 from any to any >>> NOTE: hme0 on sparc pass out quick on sis0 from any to any >>> this is the only diferent # acepto todo desde la red interna # aca chau icmp pass out quick on tun0 proto icmp from any to any icmp-type 8 keep state pass in quick on tun0 proto icmp from any to any icmp-type 0 #traceroute pass out on tun0 proto udp from any to any port 33434 >< 33690 keep state pass in on tun0 proto icmp from any to any icmp-type timex pass in quick on tun0 proto tcp from any to any port = 22 flags S keep stat pass in quick on tun0 proto tcp from any to any port = 25 flags S keep state pass in quick on tun0 proto tcp from any to any port = 80 flags S keep state pass in quick on tun0 proto tcp from any to any port = 110 flags S keep state pass in quick on tun0 proto tcp from any to any port = 6667 flags S keep state pass in quick on tun0 proto tcp from any to any port = 6697 flags S keep state pass in quick on tun0 proto tcp from any to any port = 6668 flags S keep state pass in quick on tun0 proto tcp from any to any port = 7001 flags S keep state #denegamos todo para afuera pass out quick on tun0 proto tcp/udp from any to any keep state #block return-icmp-as-dest(host-unr) in quick on tun0 all block in quick on tun0 all block out quick all ---------------- I use this config without problems since 2001 (on x86 arch) im have this problem whith FreeBSD/sparc64 6.0 6.1 and the last 6.2 rc1 ipf version its the same in the two systems: sparc#ipf -V ipf: IP Filter: v4.1.13 (528) Kernel: IP Filter: v4.1.13 Running: yes Log Flags: 0 = none set Default: pass all, Logging: available Active list: 0 Feature mask: 0x10a intel#ipf -V ipf: IP Filter: v4.1.13 (416) Kernel: IP Filter: v4.1.13 Running: yes Log Flags: 0 = none set Default: pass all, Logging: available Active list: 0 Feature mask: 0x10a Any IDEA?