[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #15 from Cy Schubert --- That's perfect, thank you. I'll do some testing here. I suspect the cause is similar to a panic I am working on. Use your patch or the improved patch I posted here while I dig into the root cause. -- Y

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #14 from WHR --- Good news. I has reproduced this bug in a FreeBSD 13.0-CURRENT r349753 testing VM. The steps are: kldload ipl.ko ifconfig tun0 plumb ifconfig tun1 plumb echo "pass in quick reply-to tun0:10.1.1.1 on tun0 proto

Re: ipfilter not creating entries in the state table

Any chance someone with a better understanding of how stateful firewall rules work able to take a look at this with me? I'm trying to make my firewall ruleset rock solid in the long run and this is one of the occasions where Ihaven't been able to do so yet. Any comment appreciated! Steffen On We

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #13 from Cy Schubert --- Unfortunately I cannot accept patches until I can reproduce the problem here. I have tested the rule in a VM with INVARIANTS and on my production firewall without INVARIANTS. I am unable to verify that t

panic on epair destroy in current as of r349853, jail related

Hi, I updated from r347365 to r349853. Now I get a panic on epair destroy (one end needs to be in a jail, and inside the jail an IP address needs to be assigned to the epair. If no ifconfig is used inside the jail, there is no panic. Another user reported something similar (but for him it

Re: Issues with TCP Timestamps allocation

> On 9. Jul 2019, at 14:58, Paul wrote: > > Hi Michael, > > 9 July 2019, 15:34:29, by "Michael Tuexen" : > >> >> >>> On 8. Jul 2019, at 17:22, Paul wrote: >>> >>> >>> >>> 8 July 2019, 17:12:21, by "Michael Tuexen" : >>> > On 8. Jul 2019, at 15:24, Paul wrote: > > Hi Mich

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #12 from WHR --- (In reply to Cy Schubert from comment #11) Although this bug is always reproduce on that particular machine, with both 12.0-STABLE and 13.0-CURRENT kernels, I failed to reproduce it on a testing VM. I plan to i

Re[2]: Issues with TCP Timestamps allocation

Hi Michael, 9 July 2019, 15:34:29, by "Michael Tuexen" : > > > > On 8. Jul 2019, at 17:22, Paul wrote: > > > > > > > > 8 July 2019, 17:12:21, by "Michael Tuexen" : > > > >>> On 8. Jul 2019, at 15:24, Paul wrote: > >>> > >>> Hi Michael, > >>> > >>> 8 July 2019, 15:53:15, by "Michael Tuex

Re: Issues with TCP Timestamps allocation

> On 8. Jul 2019, at 17:22, Paul wrote: > > > > 8 July 2019, 17:12:21, by "Michael Tuexen" : > >>> On 8. Jul 2019, at 15:24, Paul wrote: >>> >>> Hi Michael, >>> >>> 8 July 2019, 15:53:15, by "Michael Tuexen" : >>> > On 8. Jul 2019, at 12:37, Paul wrote: > > Hi team, >

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #11 from Cy Schubert --- Unfortunately I cannot accept a patch for something I cannot reproduce. AFAIAC your patch does not fix any bug. Help me reproduce it here then. A patch for something I cannot verify or reproduce is not

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 WHR changed: What|Removed |Added Status|Closed |Open Resolution|Not A Bug