relayd redirect uses anchor/redirection name as table name

Default -current relayd(8) installs pf(4) rules with wrong table names. Minimal reproducer: # cat /etc/relayd.conf table { openbsd.org } redirect "myRedirect" { listen on ::1 port 80 forward to check icmp } # relayd -d &

Re: Memory Leak on 7.4 (Stable) with nginx 1.24.0 related to TLS1.3

Moin,I ran through the experiments i had suggested. As you assumed, this is indeed related to outbound TLS1.3 connections, specifically: +-+ | Config (syspatched OpenBSD 7.4) | Memleak? | +--

Re: Memory Leak on 7.4 (Stable) with nginx 1.24.0 related to TLS1.3

Excellent, that is very helpful. Here's a simpler nginx.conf to reproduce. Note that the leak goes away if you don't use Connection: Upgrade. Simple test tool: pkg_add http_load echo http://127.0.0.1:8123/ > /tmp/urls http_load -rate 100 -seconds 10 /tmp/urls worker_processes 4; work

Re: Memory Leak on 7.4 (Stable) with nginx 1.24.0 related to TLS1.3

On 2023/11/11 15:19, Stuart Henderson wrote: > Excellent, that is very helpful. > > Here's a simpler nginx.conf to reproduce. Note that the leak goes away > if you don't use Connection: Upgrade. > > Simple test tool: > > pkg_add http_load > echo http://127.0.0.1:8123/ > /tmp/urls > http_load -ra

Re: Memory Leak on 7.4 (Stable) with nginx 1.24.0 related to TLS1.3

> > > Here's a simpler nginx.conf to reproduce. Note that the leak goes > > away if you don't use Connection: Upgrade. It also goes away if you use the 'sophisticated' example from https://nginx.org/en/docs/http/websocket.html and the client does not request an upgrade. Obviously, it returns if a

Re: Memory Leak on 7.4 (Stable) with nginx 1.24.0 related to TLS1.3

> I am not really sure whether this is an openbsd/libressl issue then. > Let me test this against a linux box. Nope, does not leak. With best regards, Tobias

Re: relayd redirect uses anchor/redirection name as table name

Hello, On Sat, Nov 11, 2023 at 11:55:58AM +, Klemens Nanni wrote: > > # pfctl -a '/*' -s Tables > # I think there is a glitch in pfctl(8). It fails to traverse to anchors when it is asked to show tables. however table is there if you search for it using hints:

Re: relayd redirect uses anchor/redirection name as table name

Hello, > > ftp -o- http://[::1]/ > Trying ::1... > ftp: connect: Connection refused > > Another problem might be the ftp client will use loopback address as a source address for connection. You may try to override it by using '-s $NETWPRK_IF_IP' option. When

Re: relayd redirect uses anchor/redirection name as table name

On Sat, Nov 11, 2023 at 06:00:13PM +0100, Alexandr Nedvedicky wrote: > I think there is a glitch in pfctl(8). It fails to traverse > to anchors when it is asked to show tables. however table > is there if you search for it using hints: Yes, that's a pfctl(8) bug, it's '-a' defines rec

Re: pkg_add -IQ does not show single-line comment for packages matching query

On Fri, Nov 10, 2023 at 8:30 PM Morgan Aldridge wrote: > >Synopsis: pkg_add -IQ does not show single-line comment for packages > matching query > >Category: system > >Environment: > System : OpenBSD 7.4 > Details : OpenBSD 7.4-stable (GENERIC.MP) #0: Sun Oct 29 17:05:47 EDT > 2023 > line