Date: Sat, 27 Sep 2025 20:44:23 +0200 From: Michael Tuexen <tuexen@FreeBSD.org> To: Justin Hibbits <chmeee@has.gonegalt.net> Cc: Zhenlei Huang <zlei@FreeBSD.org>, "src-committers@freebsd.org" <src-committers@FreeBSD.org>, "dev-commits-src-all@freebsd.org" <dev-commits-src-all@FreeBSD.org>, "dev-commits-src-branches@freebsd.org" <dev-commits-src-branches@FreeBSD.org> Subject: Re: git: b4c6c3db0379 - stable/14 - ipfw: Teach ipfw that EtherIP is an upper layer protocol Message-ID: <7CCC215D-E9EF-49CD-95A1-F2D5215AD268@FreeBSD.org> In-Reply-To: <20250927143548.661e75f7@ralga.knownspace> References: <202509271513.58RFDst3083057@gitrepo.freebsd.org> <44DAB9B2-B037-49B0-9153-90B4CFBB6234@FreeBSD.org> <20250927143548.661e75f7@ralga.knownspace>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 27. Sep 2025, at 20:35, Justin Hibbits <chmeee@has.gonegalt.net> = wrote: >=20 > On Sat, 27 Sep 2025 20:32:20 +0200 > Michael Tuexen <tuexen@FreeBSD.org> wrote: >=20 >>> On 27. Sep 2025, at 17:13, Zhenlei Huang <zlei@FreeBSD.org> wrote: >>>=20 >>> The branch stable/14 has been updated by zlei: >>>=20 >>> URL: >>> = https://cgit.FreeBSD.org/src/commit/?id=3Db4c6c3db0379a5b3d34143325805cd7e= 68cf3d9a >>>=20 >>> commit b4c6c3db0379a5b3d34143325805cd7e68cf3d9a >>> Author: Zhenlei Huang <zlei@FreeBSD.org> >>> AuthorDate: 2025-09-16 15:58:24 +0000 >>> Commit: Zhenlei Huang <zlei@FreeBSD.org> >>> CommitDate: 2025-09-27 15:11:35 +0000 >>>=20 >>> ipfw: Teach ipfw that EtherIP is an upper layer protocol >>>=20 >>> so that we do not discard EtherIP packets ( over IPv6 network ) >>> when net.inet6.ip6.fw.deny_unknown_exthdrs is set to 1 ( which is >>> the default value ). >>>=20 >>> PR: 227450 >>> Reviewed by: ae, #network >>> MFC after: 1 week >>> Differential Revision: https://reviews.freebsd.org/D52566 >>>=20 >>> (cherry picked from commit >>> 0418e6690e91aa6c38dd9af9da43c4c5a9dc1cd2) (cherry picked from >>> commit b1c96e54b906d0cdea0b5a9c74cc295803dfe50e) =20 >> Why is this cherry picked from two commits? Shouldn't this be only >> cherry picked from the commit to the main branch? >>=20 >> Best regards >> Michael >=20 > It's common to cherry-pick from stable to older-stable. This was > likely cherry-picked from stable/15, which was cherry-picked from = main. That is why I am asking. My understanding is that we should * MFC from main to stable/15 * MFC from main to stable/14 * MFC from stable/14 to releng/14.4 So I might be wrong and and I should actually do instead * MFC from main to stable/15 * MFC from stable/15 to stable/14 * MFC from stable/14 to releng/14.4 I know that releng/14.4 does not exist, but there is a time window we can get changes into relen/14.4 with approval from re@. I would just like to know how I should MFC to stable/14... Best regards Michael >=20 > - Justin >=20 >>> --- >>> sys/netpfil/ipfw/ip_fw2.c | 7 +++++++ >>> 1 file changed, 7 insertions(+) >>>=20 >>> diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_fw2.c >>> index 0e0ecd3c6b20..928ccefe4803 100644 >>> --- a/sys/netpfil/ipfw/ip_fw2.c >>> +++ b/sys/netpfil/ipfw/ip_fw2.c >>> @@ -67,6 +67,7 @@ >>> #include <net/route/nhop.h> >>> #include <net/pfil.h> >>> #include <net/vnet.h> >>> +#include <net/if_gif.h> >>> #include <net/if_pfsync.h> >>>=20 >>> #include <netpfil/pf/pf_mtag.h> >>> @@ -1717,6 +1718,12 @@ do { \ >>> PULLUP_TO(hlen, ulp, struct ip); >>> break; >>>=20 >>> + case IPPROTO_ETHERIP: /* RFC 3378 */ >>> + PULLUP_LEN(hlen, ulp, >>> + sizeof(struct etherip_header) + >>> + sizeof(struct ether_header)); >>> + break; >>> + >>> case IPPROTO_PFSYNC: >>> PULLUP_TO(hlen, ulp, struct pfsync_header); >>> break; =20 >>=20 >=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7CCC215D-E9EF-49CD-95A1-F2D5215AD268>