[Bug 217920] [PATCH] ipfilter discard bytes - 3072 instead of 1024

2017-07-26 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217920 Cy Schubert changed: What|Removed |Added Assignee|freebsd-net@FreeBSD.org |c...@freebsd.org -- You are receivi

[Bug 217782] sys/dev/bhnd/cores/pmu/bhnd_pmu_subr.c: PVS-Studio: Assignment to Variable without Use (CWE-563) (3)

2017-07-26 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217782 Ed Maste changed: What|Removed |Added CC||ema...@freebsd.org Status|N

[Bug 217920] [PATCH] ipfilter discard bytes - 3072 instead of 1024

2017-07-26 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217920 Ed Maste changed: What|Removed |Added Assignee|freebsd-b...@freebsd.org|freebsd-net@FreeBSD.org -- You are rec

[Bug 217920] [PATCH] ipfilter discard bytes - 3072 instead of 1024

2017-07-26 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217920 Ed Maste changed: What|Removed |Added CC||ema...@freebsd.org Status|N

[Bug 218005] sys/netinet/sctp_pcb.c: PVS-Studio: Unreachable code detected (CWE-561)

2017-07-26 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=218005 Ed Maste changed: What|Removed |Added CC||ema...@freebsd.org --- Comment #2 from

[Bug 198580] Kernel panic when destroying VLANs with traffic

2017-07-26 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=198580 Matt Joras changed: What|Removed |Added Status|New |Closed CC|

[Bug 220980] [panic] panic when destroying vlan interface with traffic

2017-07-26 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220980 Matt Joras changed: What|Removed |Added Status|Open|In Progress Assignee|freebs

Re: NAT before IPSEC - reply packets stuck at enc0

2017-07-26 Thread Andrey V. Elsukov
On 26.07.2017 15:33, Muenz, Michael wrote: >> Also, since your policies uses "unique" level, you need to specify the >> same level using "unique:N" syntax. >> >> Also if it is interesting to you, I patched ipfw_nat to be able specify >> needed direction. The patch is untested at all :) >> https

Re: NAT before IPSEC - reply packets stuck at enc0

2017-07-26 Thread Muenz, Michael
Am 26.07.2017 um 12:20 schrieb Andrey V. Elsukov: On 26.07.2017 12:47, Muenz, Michael wrote: When I type setkey -PD I get: 10.24.66.0/24[any] 10.26.1.0/24[any] any in ipsec esp/tunnel/81.24.74.3-213.244.192.191/unique:2 created: Jul 26 11:03:53 2017 lastused: Jul 26

Re: NAT before IPSEC - reply packets stuck at enc0

2017-07-26 Thread Andrey V. Elsukov
On 26.07.2017 12:47, Muenz, Michael wrote: > When I type setkey -PD I get: > > 10.24.66.0/24[any] 10.26.1.0/24[any] any > in ipsec > esp/tunnel/81.24.74.3-213.244.192.191/unique:2 > created: Jul 26 11:03:53 2017 lastused: Jul 26 11:40:02 2017 > lifetime: 9223372036

Re: NAT before IPSEC - reply packets stuck at enc0

2017-07-26 Thread Muenz, Michael
Am 25.07.2017 um 17:38 schrieb Andrey V. Elsukov: On 25.07.2017 17:06, Muenz, Michael wrote: As I said already, the NAT thinks that both packets are inbound and does translation for source address each time. You need to do translation for both directions on enc0 interface like I described, or yo

[Bug 220980] [panic] panic when destroying vlan interface with traffic

2017-07-26 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220980 Harald Schmalzbauer changed: What|Removed |Added CC||bugzilla.free...@omnilan.de