On 2/17/21 22:57, Xin Li wrote:
> On 2/17/21 22:35, Kristof Provost wrote:
>> On 18 Feb 2021, at 6:01, Xin Li wrote:
>>
>> Hi,
>>
>> It appears that some change between 939430f2377 (December 31) and
>> b4bf7bdeb70 (today) on stable/12 have broken pf in a way that the
>> following ru
On 2/17/21 22:35, Kristof Provost wrote:
> On 18 Feb 2021, at 6:01, Xin Li wrote:
>
> Hi,
>
> It appears that some change between 939430f2377 (December 31) and
> b4bf7bdeb70 (today) on stable/12 have broken pf in a way that the
> following rule:
>
> block in quick proto tcp f
On 18 Feb 2021, at 6:01, Xin Li wrote:
Hi,
It appears that some change between 939430f2377 (December 31) and
b4bf7bdeb70 (today) on stable/12 have broken pf in a way that the
following rule:
block in quick proto tcp from any os "Linux" to any port ssh
would get interpreted as:
block drop in q
Hi,
It appears that some change between 939430f2377 (December 31) and
b4bf7bdeb70 (today) on stable/12 have broken pf in a way that the
following rule:
block in quick proto tcp from any os "Linux" to any port ssh
would get interpreted as:
block drop in quick proto tcp from any to any port = 22
Fatal trap 9: general protection fault while in kernel mode
cpuid = 8; apic id = 08
instruction pointer = 0x20:0x80d455d4
stack pointer = 0x28:0xfe06facde760
frame pointer = 0x28:0xfe06facde7b0
code segment = base 0x0, limit 0xf, type 0x1b
= DPL 0, pres 1, lo
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253541
Mark Johnston changed:
What|Removed |Added
Status|New |Open
Assignee|n...@freeb
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253541
Yuichiro NAITO changed:
What|Removed |Added
CC||naito.yuich...@gmail.com
--- Comm
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253589
Mark Linimon changed:
What|Removed |Added
Assignee|b...@freebsd.org|n...@freebsd.org
--
You are receiv
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253583
Mark Linimon changed:
What|Removed |Added
Keywords||IntelNetworking
Assignee|
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238741
Michael Tuexen changed:
What|Removed |Added
Status|New |In Progress
--- Comment #3 from M
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250363
--- Comment #4 from Michael Tuexen ---
Here is a script which shows what should happen according to RFC 793 and what
happens on FreeBSD main. I just tested the script:
0.000 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3
+0.000 fcntl(3, F_GETF
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250363
--- Comment #3 from Richard Scheffenegger ---
Reading 793bis, it makes it clear that your understanding is actually correct,
data on syn,ack has been historically allowed.
However, it seems like the SYN bit should elicit an ACK for itself,
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250363
--- Comment #2 from Michael Tuexen ---
(In reply to Richard Scheffenegger from comment #1)
This report is not about TFO... Are you sure it is not allowed? My reading of
RFC 793 is as follows. We are in SYN-SENT. So we are on page 66. The ne
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253541
Raúl changed:
What|Removed |Added
CC||raul.mu...@custos.es
--- Comment #1 from Ra
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250363
--- Comment #1 from Richard Scheffenegger ---
With TFO, this codepath would be valid - but without TFO, data on SYN,ACK
should be rejected.
--
You are receiving this mail because:
You are on the CC list for the bug.
__
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=235031
--- Comment #40 from Marko Cupać ---
Hi,
I just got advice to try and disable LRO on em0 interface with base driver, and
it resulted in acceptable performance in my VirtualBox VMs with bridged
networking.
I noticed different options betwe
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=235031
Marko Cupać changed:
What|Removed |Added
CC||marko.cu...@mimar.rs
--- Comment #39
17 matches
Mail list logo
