From nobody Wed Dec 11 23:40:27 2024
X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Y7sY33sgbz5gf5x
	for <freebsd-current@mlmmj.nyi.freebsd.org>; Wed, 11 Dec 2024 23:40:39 +0000 (UTC)
	(envelope-from junchoon@dec.sakura.ne.jp)
Received: from www121.sakura.ne.jp (www121.sakura.ne.jp [153.125.133.21])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Y7sY26MNvz47g8;
	Wed, 11 Dec 2024 23:40:38 +0000 (UTC)
	(envelope-from junchoon@dec.sakura.ne.jp)
Authentication-Results: mx1.freebsd.org;
	none
Received: from kalamity.joker.local (124-18-43-234.area1a.commufa.jp [124.18.43.234])
	(authenticated bits=0)
	by www121.sakura.ne.jp (8.17.1/8.17.1/[SAKURA-WEB]/20201212) with ESMTPA id 4BBNeRCF052877;
	Thu, 12 Dec 2024 08:40:28 +0900 (JST)
	(envelope-from junchoon@dec.sakura.ne.jp)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=dec.sakura.ne.jp;
	s=s2405; t=1733960429;
	bh=qFtkpEEK0ihXBRsHbzkXu98ujioFmoQnLYNU4d55iVs=;
	h=Date:From:To:Cc:Subject:In-Reply-To:References;
	b=J8435l4m9HrCfN+t8am/6UkuFijIGEEwu1KwDN+mh93IZWlbpSi/jNjUqYOEP1ZXI
	 bZYTXhfVSbCaLho9XV32sEjt/k7zHl8mwgK6zc7dPZSvnC32q+TzMuImYUmWlVF1sC
	 MXytAsJ7KsorYpBYIFVTR7kAuayrXXaAs39gAAq8=
Date: Thu, 12 Dec 2024 08:40:27 +0900
From: Tomoaki AOKI <junchoon@dec.sakura.ne.jp>
To: Ronald Klop <ronald@FreeBSD.org>
Cc: Juraj Lutter <otis@FreeBSD.org>, FreeBSD User <freebsd@walstatt-de.de>,
        freebsd-current@freebsd.org,
        Richard Scheffenegger <rscheff@FreeBSD.org>
Subject: Re: (ipfw) Re: HELP! fetch: stuck forever OR error: RPC failed:
 curl 56 recv failure: Operation timed out
Message-Id: <20241212084027.8f3aa854426aaa98e3fd68d1@dec.sakura.ne.jp>
In-Reply-To: <f37a769d-99ea-4bd8-ba93-e7a7425c940b@FreeBSD.org>
References: <20241206034709.4dd32cc5@thor.intern.walstatt.dynvpn.de>
	<279848701.11738.1733510402875@localhost>
	<20241206210947.3ae835e4@thor.intern.walstatt.dynvpn.de>
	<f8952585-4b68-4cfd-a60f-1ebbd7f2545f@FreeBSD.org>
	<8E43EAA1-BA3E-4655-ACE1-2E4523E901DE@FreeBSD.org>
	<20241209214314.2443b590d774423a2b97f0a8@dec.sakura.ne.jp>
	<20241209174541.39c286f5@thor.intern.walstatt.dynvpn.de>
	<20241210022710.88c9087dd7cb09774507f232@dec.sakura.ne.jp>
	<20241209191947.39ac4843@thor.intern.walstatt.dynvpn.de>
	<6B720B82-09EF-4208-B814-B6BD75FC2F0E@FreeBSD.org>
	<f37a769d-99ea-4bd8-ba93-e7a7425c940b@FreeBSD.org>
Organization: Junchoon corps
X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.33; amd64-portbld-freebsd14.1)
List-Id: Discussions about the use of FreeBSD-current <freebsd-current.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-current
List-Help: <mailto:freebsd-current+help@freebsd.org>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Subscribe: <mailto:freebsd-current+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-current+unsubscribe@freebsd.org>
Sender: owner-freebsd-current@FreeBSD.org
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:7684, ipnet:153.125.128.0/18, country:JP]
X-Rspamd-Queue-Id: 4Y7sY26MNvz47g8
X-Spamd-Bar: ----

On Wed, 11 Dec 2024 14:25:02 +0100
Ronald Klop <ronald@FreeBSD.org> wrote:

> Op 09-12-2024 om 19:24 schreef Juraj Lutter:
> > 
> > 
> >> On 9 Dec 2024, at 19:19, FreeBSD User <freebsd@walstatt-de.de> wrote:
> >>
> >> Am Tue, 10 Dec 2024 02:27:10 +0900
> >> Tomoaki AOKI <junchoon@dec.sakura.ne.jp> schrieb:
> >>
> >> My apology for topposting.
> >>
> >> The host I first realised the problems is updated on an almost daily basis and the issue
> >> reported started last weekend.
> >>
> >> A possible candidate could be
> >>
> >> https://cgit.freebsd.org/src/commit/sys/netpfil/ipfw?id=0fc7bdc978366abb4351b0b76b50a5848cc5d982
> >>
> >> since the other, younger, seem innocent. I try to revert the patch mentioned and see ...
> > 
> > Try to only revert the ip_fw_nat.c part at first.
> > 
> > —
> > Juraj Lutter
> > otis@FreeBSD.org
> > 
> 
> 
> Hi,
> 
> I did a bisect of commits and my finding is that commit 347dd053 on 2024-11-29 is the cause.
> 
> "tcp: add TH_AE capabilities to ppp and pf"
> https://github.com/freebsd/freebsd-src/commit/347dd0539f3a75fdf2128dd4620ca99e96f311e9
> 
> The commit before (0fc7bdc978) works fine.
> 
> I cc'ed the author of the commit.
> (for context: start of the thread is here: https://lists.freebsd.org/archives/freebsd-current/2024-December/006778.html, it looks like the commit breaks a statefull ipfw firewall)
> 
> Regards,
> Ronald.

Ah, completely missed to check sys/netpfil/ipfilter/netinet directory.
And intentionally dropped to check on sys/netpfil, as checking log
there would pull in too many noises only related with pf.

And even if I've not missed sys/netpfil/ipfilter/netinet, I'm almost
sure I've overlooked the commit, as the top of its commit log (shown in
https://cgit.freebsd.org/src/log/sys/netpfil/ipfilter/netinet) only
states about ppp and pf.

-- 
Tomoaki AOKI    <junchoon@dec.sakura.ne.jp>