From owner-freebsd-questions@freebsd.org Sat Jul 8 08:20:21 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3073ED93FC4 for ; Sat, 8 Jul 2017 08:20:21 +0000 (UTC) (envelope-from willsznet@gmail.com) Received: from mail-pf0-x241.google.com (mail-pf0-x241.google.com [IPv6:2607:f8b0:400e:c00::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DF6D678857 for ; Sat, 8 Jul 2017 08:20:20 +0000 (UTC) (envelope-from willsznet@gmail.com) Received: by mail-pf0-x241.google.com with SMTP id z6so7500510pfk.3 for ; Sat, 08 Jul 2017 01:20:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:organization:message-id:mime-version :content-transfer-encoding:content-language:thread-index; bh=p65D4mOfhe/J7jO3zbg8qFmASfrdbIQj6lSp1sMsCAg=; b=qrJ2pgqvYVgqi1Z7M0jJdi0NFWCZJ7kphoPwbrtSPr3W1kQtOpo8IY/cieaJ0M+Xbm UbtLvUpEZ5jA9qDqhjAGfvptMGjeYKrz2BTFifBBI7q4ix9sLUxVsNfnKXOwhhooIgYO a2c/nfi2ZuJ2DTD5fjvMrScfYV2OMf4K9E59oUtsQ47Mzo8r5fIsHmV78lwxsmqVSmNj CNJNsoAsF0ro9kifJ+caSizzHYZ5Ke5IStUaQNYDi++IAO/M6KgmXiSzi89OWGsFbgpZ gi4dEI9kMc6VFgEyvHIwz89IYg0ePsQpo9xeUwoWaREhPordU7yqkOYT8FkT1adk9+Wl I/Og== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:organization:message-id :mime-version:content-transfer-encoding:content-language :thread-index; bh=p65D4mOfhe/J7jO3zbg8qFmASfrdbIQj6lSp1sMsCAg=; b=KocjxJYPUjanHYmbtu5MN6sFjiDa++XmSjzheUViqp2Uw5wvZpLFMIoDc7hCvzL6bj pxXTBI5iFpC79aWUxydEy3Fk4tgB2CcbogjBRij2e+ETrMBB7wDbNULVUuvQ+oGSqflX ZBa8pUDK5Qz5rsFGE0ldMdJSNRWQK4eq9Zb6THdFbh9LjIdoL2qSVgYNjTHQ2ysfLumy 641bjZLPuHtZC1dpzZ0OFwMBZZY7KjcXvyWXfy9gwo/wcPQiV1zaSfq7lvJp9zek74jn uvIArwc463gfGhac22ObIu1qQkN/VZv8qNM51gzinN82NEdh/5zxITyYBLtTHoiDEhww c/ug== X-Gm-Message-State: AIVw111ineysA8b82NuREo/oP1nNFyLgj1CFghOqT5bHhsPxBsxad4qX RgbKBZcP81hWec9l X-Received: by 10.84.224.199 with SMTP id k7mr7460297pln.207.1499502020274; Sat, 08 Jul 2017 01:20:20 -0700 (PDT) Received: from pcbill ([180.245.192.132]) by smtp.gmail.com with ESMTPSA id a2sm8014910pfe.101.2017.07.08.01.20.18 for (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sat, 08 Jul 2017 01:20:19 -0700 (PDT) From: "Willsz.net" To: Subject: PF Wrong interface FreeBSD 10.3-STABLE Date: Sat, 8 Jul 2017 15:20:28 +0700 Organization: Willsz.net - Cyber Internet Station Message-ID: <000301d2f7c3$122feda0$368fc8e0$@com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 12.0 Content-Language: id Thread-Index: AdL3ww2slLgnZ0JjQT2l3t5WdS2Gsw== x-cr-hashedpuzzle: 0AU= AFXJ ALii ALwS BEEk BUhZ CeZP Eh/5 EuvA FTbA FWEO GOz1 JQrT JSFB J3Vi KORH; 1; ZgByAGUAZQBiAHMAZAAtAHEAdQBlAHMAdABpAG8AbgBzAEAAZgByAGUAZQBiAHMAZAAuAG8AcgBnAA==; Sosha1_v1; 7; {A295F786-F686-4FDD-A04F-77AC6A220EDE}; dwBpAGwAbABzAHoAbgBlAHQAQABnAG0AYQBpAGwALgBjAG8AbQA=; Sat, 08 Jul 2017 08:20:26 GMT; UABGACAAVwByAG8AbgBnACAAaQBuAHQAZQByAGYAYQBjAGUAIABGAHIAZQBlAEIAUwBEACAAMQAwAC4AMwAtAFMAVABBAEIATABFAA== x-cr-puzzleid: {A295F786-F686-4FDD-A04F-77AC6A220EDE} X-Antivirus: Avast (VPS 170707-0, 07/07/2017), Outbound message X-Antivirus-Status: Clean X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Jul 2017 08:20:21 -0000 Hi, Last night I try to upgrade from FreeBSD 9.3-STABLE to FreeBSD 10.3-STABLE. Overall setup already success, but I got some PF Bug. root:~# uname -a FreeBSD ip.gw-core-rtr.willsz.net 10.3-STABLE FreeBSD 10.3-STABLE #0 r320796: Sat Jul 8 11:38:29 WIB 2017 root@ip.gw-core-rtr.willsz.net:/usr/obj/usr/src/sys/ROUTER i386 root:~# ifconfig re0: flags=8843 metric 0 mtu 1500 options=8209b ether 00:e0:4c:49:00:d4 hwaddr 00:e0:4c:49:00:d4 inet 192.168.100.254 netmask 0xffffff00 broadcast 192.168.100.255 inet 192.168.100.150 netmask 0xffffffff broadcast 192.168.100.150 inet 192.168.100.200 netmask 0xffffffff broadcast 192.168.100.200 inet 192.168.100.250 netmask 0xffffffff broadcast 192.168.100.250 media: Ethernet autoselect (100baseTX ) status: active rl0: flags=8843 metric 0 mtu 1500 options=2008 ether 00:24:01:d1:58:b4 hwaddr 00:24:01:d1:58:b4 inet 10.0.0.2 netmask 0xfffffffc broadcast 10.0.0.3 media: Ethernet autoselect (100baseTX ) status: active pflog0: flags=141 metric 0 mtu 33184 lo0: flags=8049 metric 0 mtu 16384 options=600003 inet 127.0.0.1 netmask 0xff000000 inet 127.0.0.2 netmask 0xffffffff Many droping packet in log: 1499501427.397500 rule 2/0(match): block in on lo0: 23.41.75.27.80 > 192.168.100.8.3443: Flags [R.], seq 0, ack 1, win 0, length 0 1499501427.598498 rule 2/0(match): block in on lo0: 23.41.75.27.80 > 192.168.100.8.3444: Flags [R.], seq 0, ack 1, win 0, length 0 1499501428.201500 rule 2/0(match): block in on lo0: 23.41.75.27.80 > 192.168.100.8.3430: Flags [R.], seq 0, ack 1, win 0, length 0 1499501428.362969 rule 2/0(match): block in on re0: 192.168.100.24.14033 > 114.125.217.176.14228: UDP, length 44 1499501428.399498 rule 2/0(match): block in on lo0: 74.125.68.101.80 > 192.168.100.25.49880: Flags [R.], seq 0, ack 1924445737, win 0, length 0 1499501428.677982 rule 2/0(match): block in on re0: 192.168.100.24.14033 > 114.125.217.176.14228: UDP, length 52 1499501430.045735 rule 2/0(match): block in on rl0: 114.125.217.176.14228 > 10.0.0.2.53618: UDP, length 49 1499501430.172501 rule 2/0(match): block in on lo0: 205.185.216.10.80 > 192.168.100.23.49684: Flags [R.], seq 0, ack 48800057, win 0, length 0 1499501430.694302 rule 2/0(match): block in on re0: 192.168.100.24.14033 > 114.125.217.176.14228: UDP, length 272 1499501430.697938 rule 2/0(match): block in on re0: 192.168.100.24.14033 > 114.125.217.176.14228: UDP, length 48 1499501431.026500 rule 2/0(match): block in on lo0: 74.125.68.101.80 > 192.168.100.26.51118: Flags [R.], seq 0, ack 832030607, win 0, length 0 1499501431.151498 rule 2/0(match): block in on lo0: 118.97.159.25.80 > 192.168.100.100.51145: Flags [R.], seq 0, ack 4182363522, win 0, length 0 1499501431.399499 rule 2/0(match): block in on lo0: 74.125.68.101.80 > 192.168.100.25.49880: Flags [R.], seq 0, ack 1, win 0, length 0 1499501431.715840 rule 2/0(match): block in on rl0: 114.125.217.176.14228 > 10.0.0.2.53618: UDP, length 269 1499501431.726029 rule 2/0(match): block in on rl0: 114.125.217.176.14228 > 10.0.0.2.53618: UDP, length 45 1499501432.685388 rule 2/0(match): block in on re0: 192.168.100.24.14033 > 114.125.217.176.14228: UDP, length 52 1499501433.175501 rule 2/0(match): block in on lo0: 205.185.216.10.80 > 192.168.100.23.49684: Flags [R.], seq 0, ack 1, win 0, length 0 1499501433.787500 rule 2/0(match): block in on lo0: 118.97.159.25.80 > 192.168.100.26.51119: Flags [R.], seq 0, ack 2237026976, win 0, length 0 1499501434.078498 rule 2/0(match): block in on lo0: 74.125.68.101.80 > 192.168.100.26.51118: Flags [R.], seq 0, ack 1, win 0, length 0 1499501434.151497 rule 2/0(match): block in on lo0: 118.97.159.25.80 > 192.168.100.100.51145: Flags [R.], seq 0, ack 1, win 0, length 0 1499501434.476170 rule 2/0(match): block in on re0: 192.168.100.24.14033 > 114.125.217.176.14228: UDP, length 44 1499501434.567713 rule 2/0(match): block in on rl0: 114.125.217.176.14228 > 10.0.0.2.53618: UDP, length 49 1499501435.167236 rule 2/0(match): block in on re0: 192.168.100.24.14033 > 114.125.217.176.14228: UDP, length 44 1499501435.252499 rule 2/0(match): block in on lo0: 23.41.75.27.80 > 192.168.100.8.3460: Flags [R.], seq 0, ack 1526731597, win 0, length 0 1499501435.554502 rule 2/0(match): block in on lo0: 23.41.75.27.80 > 192.168.100.8.3461: Flags [R.], seq 0, ack 1099638812, win 0, length 0 1499501435.682249 rule 2/0(match): block in on re0: 192.168.100.24.14033 > 114.125.217.176.14228: UDP, length 44 1499501435.698473 rule 2/0(match): block in on re0: 192.168.100.24.14033 > 114.125.217.176.14228: UDP, length 272 1499501435.702151 rule 2/0(match): block in on re0: 192.168.100.24.14033 > 114.125.217.176.14228: UDP, length 48 1499501436.182504 rule 2/0(match): block in on lo0: 172.217.24.110.80 > 192.168.100.2.1598: Flags [R.], seq 0, ack 2746158442, win 0, length 0 1499501436.213500 rule 2/0(match): block in on lo0: 74.125.68.102.80 > 192.168.100.24.49494: Flags [R.], seq 0, ack 2167282913, win 0, length 0 1499501436.334497 rule 2/0(match): block in on lo0: 172.217.24.110.80 > 192.168.100.2.1599: Flags [R.], seq 0, ack 2689718291, win 0, length 0 1499501436.334499 rule 2/0(match): block in on lo0: 172.217.24.110.80 > 192.168.100.2.1600: Flags [R.], seq 0, ack 972241888, win 0, length 0 1499501436.630510 rule 2/0(match): block in on lo0: 172.217.24.110.80 > 192.168.100.2.1601: Flags [R.], seq 0, ack 2544069355, win 0, length 0 1499501436.688502 rule 2/0(match): block in on re0: 192.168.100.24.14033 > 114.125.217.176.14228: UDP, length 52 1499501436.752081 rule 2/0(match): block in on rl0: 114.125.217.176.14228 > 10.0.0.2.53618: UDP, length 269 1499501436.767871 rule 2/0(match): block in on rl0: 114.125.217.176.14228 > 10.0.0.2.53618: UDP, length 45 1499501436.877498 rule 2/0(match): block in on lo0: 118.97.159.25.80 > 192.168.100.26.51119: Flags [R.], seq 0, ack 1, win 0, length 0 1499501437.399498 rule 2/0(match): block in on lo0: 74.125.68.101.80 > 192.168.100.25.49880: Flags [R.], seq 0, ack 1, win 0, length 0 1499501438.023504 rule 2/0(match): block in on lo0: 172.217.24.110.80 > 192.168.100.2.1602: Flags [R.], seq 0, ack 936358664, win 0, length 0 1499501438.258498 rule 2/0(match): block in on lo0: 23.41.75.27.80 > 192.168.100.8.3460: Flags [R.], seq 0, ack 1, win 0, length 0 1499501438.288500 rule 2/0(match): block in on lo0: 172.217.24.110.80 > 192.168.100.2.1603: Flags [R.], seq 0, ack 3856649628, win 0, length 0 1499501438.545792 rule 2/0(match): block in on rl0: 114.125.217.176.14228 > 10.0.0.2.53618: UDP, length 49 1499501438.560501 rule 2/0(match): block in on lo0: 23.41.75.27.80 > 192.168.100.8.3461: Flags [R.], seq 0, ack 1, win 0, length 0 1499501439.105498 rule 2/0(match): block in on lo0: 172.217.24.110.80 > 192.168.100.2.1598: Flags [R.], seq 0, ack 1, win 0, length 0 This's weired with loopback interface with public IPADDR. pf.conf already import from 9.3-STABLE with no problem in last 4 years ago. Anyone got same problem? Any suggestion for this issue? Thank You --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus