From owner-freebsd-net@FreeBSD.ORG  Thu May 28 14:27:41 2015
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 5E59CA1E;
 Thu, 28 May 2015 14:27:41 +0000 (UTC) (envelope-from juliank@tzi.de)
Received: from mailhost.informatik.uni-bremen.de
 (mailhost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::12])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mailhost.informatik.uni-bremen.de",
 Issuer "Universitaet Bremen CA" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id E8AB9276;
 Thu, 28 May 2015 14:27:40 +0000 (UTC) (envelope-from juliank@tzi.de)
X-Virus-Scanned: amavisd-new at informatik.uni-bremen.de
Received: from submithost.informatik.uni-bremen.de
 (submithost.informatik.uni-bremen.de [IPv6:2001:638:708:30c9::b])
 by mailhost.informatik.uni-bremen.de (8.14.5/8.14.5) with ESMTP id
 t4SERbFu024331; Thu, 28 May 2015 16:27:37 +0200 (CEST)
Received: from [IPv6:2003:55:6b2b:d000:30d9:f279:82b0:be8e]
 (p200300556B2BD00030D9F27982B0BE8E.dip0.t-ipconnect.de
 [IPv6:2003:55:6b2b:d000:30d9:f279:82b0:be8e])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by submithost.informatik.uni-bremen.de (Postfix) with ESMTPSA id
 3lyBFP4jZnz8xcb; Thu, 28 May 2015 16:27:37 +0200 (CEST)
Message-ID: <556725D9.4090708@tzi.de>
Date: Thu, 28 May 2015 16:27:37 +0200
From: Julian Kornberger <juliank@tzi.de>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: "Andrey V. Elsukov" <ae@freebsd.org>, "net@freebsd.org" <net@freebsd.org>
Subject: Re: Crash with GRE und IPFW fwd
References: <5566565A.7030200@tzi.de> <55672123.1090101@FreeBSD.org>
In-Reply-To: <55672123.1090101@FreeBSD.org>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 28 May 2015 14:27:41 -0000

Am 28.05.2015 um 16:07 schrieb Andrey V. Elsukov:
> Just noticed, you use ip_divert(4). gre(4) uses mbuf_tag to prevent
> infinity loop and stack exhausting. When packet goes through ip_divert,
> it loses this tag. You need to check your rules and avoid applying
> divert rules to GRE packets. Also you can use some netgraph based tcpmss
> implementation.

I only pass TCP SYN packets to divert.
This should not affect GRE packets?

ipfw add divert $tcpmssd_port tcp from any to not me setup

Thanks for your GRE module. I will give it a try.

-- 
Julian