Re: kern/157867: commit references a PR

2011-06-14 Thread dfilter service 
The following reply was made to PR kern/157867; it has been noted by GNATS.

From: dfil...@freebsd.org (dfilter service)
To: bug-follo...@freebsd.org
Cc:  
Subject: Re: kern/157867: commit references a PR
Date: Tue, 14 Jun 2011 13:35:34 + (UTC)

 Author: ae
 Date: Tue Jun 14 13:35:24 2011
 New Revision: 223080
 URL: http://svn.freebsd.org/changeset/base/223080
 
 Log:
   Implement "global" mode for ipfw nat. It is similar to natd(8)
   "globalport" option for multiple NAT instances.
   
   If ipfw rule contains "global" keyword instead of nat_number, then
   for each outgoing packet ipfw_nat looks up translation state in all
   configured nat instances. If an entry is found, packet aliased
   according to that entry, otherwise packet is passed unchanged.
   
   User can specify "skip_global" option in NAT configuration to exclude
   an instance from the lookup in global mode.
   
   PR:  kern/157867
   Submitted by:Alexander V. Chernikov (previous version)
   Tested by:   Eugene Grosbein
 
 Modified:
   head/sbin/ipfw/ipfw.8
   head/sbin/ipfw/ipfw2.c
   head/sbin/ipfw/ipfw2.h
   head/sbin/ipfw/nat.c
   head/sys/netinet/ipfw/ip_fw2.c
   head/sys/netinet/ipfw/ip_fw_nat.c
   head/sys/netinet/libalias/alias.h
 
 Modified: head/sbin/ipfw/ipfw.8
 ==
 --- head/sbin/ipfw/ipfw.8  Tue Jun 14 13:02:26 2011(r223079)
 +++ head/sbin/ipfw/ipfw.8  Tue Jun 14 13:35:24 2011(r223080)
 @@ -1,7 +1,7 @@
  .\"
  .\" $FreeBSD$
  .\"
 -.Dd May 30, 2011
 +.Dd June 14, 2011
  .Dt IPFW 8
  .Os
  .Sh NAME
 @@ -2435,6 +2435,27 @@ Reset table of the packet aliasing engin
  Reverse the way libalias handles aliasing.
  .It Cm proxy_only
  Obey transparent proxy rules only, packet aliasing is not performed.
 +.It Cm skip_global
 +Skip instance in case of global state lookup (see below).
 +.El
 +.Pp
 +Some specials value can be supplied instead of
 +.Va nat_number:
 +.Bl -tag -width indent
 +.It Cm global
 +Looks up translation state in all configured nat instances.
 +If an entry is found, packet is aliased according to that entry.
 +If no entry was found in any of the instances, packet is passed unchanged,
 +and no new entry will be created.
 +See section
 +.Sx MULTIPLE INSTANCES
 +in
 +.Xr natd 8
 +for more information.
 +.It Cm tablearg
 +Uses argument supplied in lookup table. See
 +.Sx LOOKUP TABLES
 +section below for more information on lookup tables.
  .El
  .Pp
  To let the packet continue after being (de)aliased, set the sysctl variable
 
 Modified: head/sbin/ipfw/ipfw2.c
 ==
 --- head/sbin/ipfw/ipfw2.c Tue Jun 14 13:02:26 2011(r223079)
 +++ head/sbin/ipfw/ipfw2.c Tue Jun 14 13:35:24 2011(r223080)
 @@ -1121,8 +1121,11 @@ show_ipfw(struct ip_fw *rule, int pcwidt
break;
  
case O_NAT:
 -  PRINT_UINT_ARG("nat ", cmd->arg1);
 -  break;
 +  if (cmd->arg1 != 0)
 +  PRINT_UINT_ARG("nat ", cmd->arg1);
 +  else
 +  printf("nat global");
 +  break;
  
case O_SETFIB:
PRINT_UINT_ARG("setfib ", cmd->arg1);
 @@ -2738,9 +2741,14 @@ ipfw_add(char *av[])
break;
  
case TOK_NAT:
 -  action->opcode = O_NAT;
 -  action->len = F_INSN_SIZE(ipfw_insn_nat);
 -  goto chkarg;
 +  action->opcode = O_NAT;
 +  action->len = F_INSN_SIZE(ipfw_insn_nat);
 +  if (_substrcmp(*av, "global") == 0) {
 +  action->arg1 = 0;
 +  av++;
 +  break;
 +  } else
 +  goto chkarg;
  
case TOK_QUEUE:
action->opcode = O_QUEUE;
 
 Modified: head/sbin/ipfw/ipfw2.h
 ==
 --- head/sbin/ipfw/ipfw2.h Tue Jun 14 13:02:26 2011(r223079)
 +++ head/sbin/ipfw/ipfw2.h Tue Jun 14 13:35:24 2011(r223080)
 @@ -178,6 +178,7 @@ enum tokens {
TOK_DENY_INC,
TOK_SAME_PORTS,
TOK_UNREG_ONLY,
 +  TOK_SKIP_GLOBAL,
TOK_RESET_ADDR,
TOK_ALIAS_REV,
TOK_PROXY_ONLY,
 
 Modified: head/sbin/ipfw/nat.c
 ==
 --- head/sbin/ipfw/nat.c   Tue Jun 14 13:02:26 2011(r223079)
 +++ head/sbin/ipfw/nat.c   Tue Jun 14 13:35:24 2011(r223080)
 @@ -53,6 +53,7 @@ static struct _s_x nat_params[] = {
{ "deny_in",TOK_DENY_INC },
{ "same_ports", TOK_SAME_PORTS },
{ "unreg_only", TOK_UNREG_ONLY },
 +  { "skip_global",TOK_SKIP_GLOBAL },
{ "reset",  TOK_

Re: kern/152360: [dummynet] [panic] Crash related to dummynet.

2011-06-14 Thread Pawel Tyll 
The following reply was made to PR kern/152360; it has been noted by GNATS.

From: Pawel Tyll 
To: bug-follo...@freebsd.org, pt...@nitronet.pl
Cc:  
Subject: Re: kern/152360: [dummynet] [panic] Crash related to dummynet.
Date: Tue, 14 Jun 2011 16:10:52 +0200

 Hi,
 
 It has been fixed already. Thanks.
 
 Kind regards.
 
 
___
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"

Re: kern/152360: [dummynet] [panic] Crash related to dummynet.

2011-06-14 Thread ae 
Synopsis: [dummynet] [panic] Crash related to dummynet.

State-Changed-From-To: open->closed
State-Changed-By: ae
State-Changed-When: Tue Jun 14 14:52:41 UTC 2011
State-Changed-Why: 
Submitter has confirmed that the problem is already fixed.

http://www.freebsd.org/cgi/query-pr.cgi?pr=152360
___
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"

Re: kern/157867: [patch][ipfw] natd globalport support for ipfw nat

2011-06-14 Thread ae 
Synopsis: [patch][ipfw] natd globalport support for ipfw nat

State-Changed-From-To: open->patched
State-Changed-By: ae
State-Changed-When: Tue Jun 14 14:55:08 UTC 2011
State-Changed-Why: 
Patched in head/. Thanks!

http://www.freebsd.org/cgi/query-pr.cgi?pr=157867
___
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"

Re: kern/122109: [ipfw] ipfw nat traceroute problem

2011-06-14 Thread ten 
The following reply was made to PR kern/122109; it has been noted by GNATS.

From: ten 
To: "Andrey V. Elsukov" , bug-follo...@freebsd.org
Cc:  
Subject: Re: kern/122109: [ipfw] ipfw nat traceroute problem
Date: Tue, 14 Jun 2011 22:32:03 +0700

 --000e0cd2bd02de68fe04a5adbcee
 Content-Type: text/plain; charset=ISO-8859-1
 
 Yes, works. Thanks.
 
 On 06.06.2011 14:31, Andrey V. Elsukov wrote:
 
 > On 06.06.2011 18:50, ten wrote:
 > > Subject: Re: kern/122109: [ipfw] ipfw nat traceroute problem
 > > Date: Mon, 6 Jun 2011 21:38:36 +0700
 > >
 > >  --000e0cd22f68002b4704a50c0f97
 > >  Content-Type: text/plain; charset=ISO-8859-1
 > >
 > >  It seems I have too old version, and patch not applicable to me
 > >
 > >  7.3-STABLE FreeBSD 7.3-STABLE #2 amd64
 >
 > I adapted the patch for stable/7:
 > http://people.freebsd.org/~ae/ipfw_nat7.diff
 >
 > --
 > WBR, Andrey V. Elsukov
 >
 >
 
 --000e0cd2bd02de68fe04a5adbcee
 Content-Type: text/html; charset=ISO-8859-1
 Content-Transfer-Encoding: quoted-printable
 
 Yes, works. Thanks.On 06.06.2011 14:31, =
 Andrey V. Elsukov wrote:On 06.06.2011 1=
 8:50, ten wrote:
 
 > Subject: Re: kern/122109: [ipfw] ipfw nat traceroute problem
 > Date: Mon, 6 Jun 2011 21:38:36 +0700
 >
 > =A0--000e0cd22f68002b4704a50c0f97
 > =A0Content-Type: text/plain; charset=3DISO-8859-1
 >
 > =A0It seems I have too old version, and patch not applicable to me
 >
 > =A07.3-STABLE FreeBSD 7.3-STABLE #2 amd64
 
 I adapted the patch for stable/7:
 http://people.freebsd.org/%7Eae/ipfw_nat7.diff"; target=3D"_blank=
 ">http://people.freebsd.org/~ae/ipfw_nat7.diff
 
 --
 WBR, Andrey V. Elsukov
 
 
 
 --000e0cd2bd02de68fe04a5adbcee--
___
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"