From owner-freebsd-pf@FreeBSD.ORG Sun Dec 22 18:56:24 2013 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D2510178 for ; Sun, 22 Dec 2013 18:56:24 +0000 (UTC) Received: from sasl.smtp.pobox.com (a-pb-sasl-quonix.pobox.com [208.72.237.25]) by mx1.freebsd.org (Postfix) with ESMTP id 8F08E113E for ; Sun, 22 Dec 2013 18:56:24 +0000 (UTC) Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTP id 24AEFF1C0 for ; Sun, 22 Dec 2013 13:56:15 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=date :message-id:from:to:subject:mime-version:content-type :content-transfer-encoding; s=sasl; bh=+FKiYAQHonJWZqZd4wdwDFnI+ rs=; b=QuEZYT23wlwivg5QpHLK4lK1RZsf2Tmwu1UlQwkq/4TdnjOIGW/Hb3tvs nPg/0gAplwHirTjsMPpSdlV7wug89GWzRsZ76/PBAaN/qLJ853NnrT5qsb4sy6c3 GTDVLz93WcjNsGEWUryREIiIm6AD6hu+JwcJ2OAxbtWqn9PeI4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=date:message-id :from:to:subject:mime-version:content-type :content-transfer-encoding; q=dns; s=sasl; b=wDprJ7I4pYIE3oAf/Vs D2d5xaSd7lGNwmx9gz8h+UbT2fX7UOryTNz58YLgxXvfummtHx6+I7NEw4r51s1z YNZIIm1AbiT7fNwhaIsAg27AgipJapQv8ZP6Gikqm7Ezv1qTJy9fYqlaqz15Fl0P LZyt86nKLmnB/buqJdLuSQp8= Received: from a-pb-sasl-quonix.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTP id 1BDDFF1BF for ; Sun, 22 Dec 2013 13:56:15 -0500 (EST) Received: from bmach.nederware.nl (unknown [27.252.206.242]) by a-pb-sasl-quonix.pobox.com (Postfix) with ESMTPA id 70089F1BE for ; Sun, 22 Dec 2013 13:56:14 -0500 (EST) Received: from quadrio.nederware.nl (quadrio.nederware.nl [192.168.33.13]) by bmach.nederware.nl (Postfix) with ESMTP id F256B3A3E8 for ; Mon, 23 Dec 2013 07:56:02 +1300 (NZDT) Received: from quadrio.nederware.nl (quadrio.nederware.nl [127.0.0.1]) by quadrio.nederware.nl (Postfix) with ESMTP id 80E8F4A11CDA for ; Mon, 23 Dec 2013 07:56:02 +1300 (NZDT) Date: Mon, 23 Dec 2013 07:56:02 +1300 Message-ID: <87sitku33x.wl%berend@pobox.com> From: Berend de Boer To: freebsd-pf@freebsd.org Subject: Network severely unstable 10.0-PRERELEASE User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL/10.8 EasyPG/1.0.0 Emacs/24.3 (i686-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) Organization: Xplain Technology Ltd MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: multipart/signed; boundary="pgp-sign-Multipart_Mon_Dec_23_07:56:01_2013-1"; micalg=pgp-sha256; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit X-Pobox-Relay-ID: BB39FB34-6B3A-11E3-A2E1-873F0E5B5709-48001098!a-pb-sasl-quonix.pobox.com X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Dec 2013 18:56:25 -0000 --pgp-sign-Multipart_Mon_Dec_23_07:56:01_2013-1 Content-Type: text/plain; charset=US-ASCII Hi All, pf has not worked well for me after version 8. Certain rules crash the kernel (http://www.freebsd.org/cgi/query-pr.cgi?pr=misc/182141). Avoiding these rules gave me something that at least kept the system alive on a 10-CURRENT. But since the RC versions my system stays up for only a few days, before I need a reboot as network connectivity gets reset. It's the modem (pppoe), every few minutes all tcp (?) connections get dropped somehow. A reboot fixes it for a week or so. I have no clue how to debug this. But I'm getting pretty scared of pf, and going back to ipfw might seem best. What are people's thoughts on pf in FreeBSD, does it have a future? Are there people working on pf? Should I simply forget about it, and go back to ipfw? -- All the best, Berend de Boer --pgp-sign-Multipart_Mon_Dec_23_07:56:01_2013-1 Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit Content-Description: OpenPGP Digital Signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) iQIcBAABCAAGBQJStzXBAAoJEKOfeD48G3g5/v8P/2m3IdMWkIh2pVZC2jHyza0Y LjMKSBLGDszeuCHhsjaHSKMFFkmTFgmHc+hR6O3678/lODGNyv22KBHgr3fPBqLd cLOezN5IYa+0P7NN0rwtSkzb1sQRxBomIzRDLFzlvo13oRVLcN1U0pq9Fj+s04yN ZqDWyfUzR5hEWRSD6eE97Rdz1n/sRucbYBT1GOZiqN2HFg9Jo0jVkVHS0QzijR59 TF/UNWDBOKlGlU27N09vg/deBTM4yn++PifpfRleWrr4vRvPJNX4ufyzaIFkd6GE 2Tkk8Yxbdh6+ikNPCEHGbeiK2h4/nEsQ8B7pu1E9K1WR6RX+OpZ8lQzIf5A8/FjK ij2F9MPiYg/+THiolFWl3owhU8EQMcb/Xi3wtVUdm+D4YZIcQMReubxpsnDjHMNA kI/Np+oZqznMdjDY9w6TiGNntpTb5X7iugmnVIK/RHwy6KnWnQFux/fi5mXfdJEE 8fDb5SN19UyGFdZPbFreyXMoeuI4O6H41JnO8c/OQtir8/O3sn572rq/6dLs37za T/m1ak+iXeQDbKQete2nV7WFI6dczncdLim/oXdkjhR7OgJneLGowhZ5KDLhRgWD FA02a5RtIDMLJDGLNlhlndajF3cEVLVp3fCGYp9M4hHvQqDlRIkokQNYJC3RZXNc xKPBF+ymFv12inFD9GSh =J1Bi -----END PGP SIGNATURE----- --pgp-sign-Multipart_Mon_Dec_23_07:56:01_2013-1--