[Bug 282478] [ipfilter] Silence a lock upon service stop

2024-11-02 Thread bugzilla-noreply
Status|Open|In Progress --- Comment #2 from Jose Luis Duran --- Created attachment 254881 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=254881&action=edit ipfilter: Avoid stopping with a lock held Proposed patch based on comment #1. -- You are re

[Bug 282478] [ipfilter] Silence a lock upon service stop

2024-11-02 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=282478 Mark Johnston changed: What|Removed |Added Status|New |Open CC|

[Bug 282478] [ipfilter] Silence a lock upon service stop

2024-11-01 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=282478 Mark Linimon changed: What|Removed |Added Assignee|b...@freebsd.org|n...@freebsd.org

[Bug 266442] kernel page fault on packet with broken lengths if ipfilter is loaded

2023-02-09 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266442 Cy Schubert changed: What|Removed |Added Status|In Progress |Closed Resolution|---

[Bug 266442] kernel page fault on packet with broken lengths if ipfilter is loaded

2023-02-09 Thread bugzilla-noreply
Author: Cy Schubert AuthorDate: 2023-02-02 00:49:08 + Commit: Cy Schubert CommitDate: 2023-02-09 21:20:51 + ipfilter: Fix use after free on packet with broken lengths Under the scenario with a packet with length of 67 bytes, a header length using the default of 20 bytes

[Bug 266442] kernel page fault on packet with broken lengths if ipfilter is loaded

2023-02-09 Thread bugzilla-noreply
: Cy Schubert AuthorDate: 2023-02-02 00:49:08 + Commit: Cy Schubert CommitDate: 2023-02-09 21:19:41 + ipfilter: Fix use after free on packet with broken lengths Under the scenario with a packet with length of 67 bytes, a header length using the default of 20 bytes and

[Bug 266442] kernel page fault on packet with broken lengths if ipfilter is loaded

2023-02-03 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266442 --- Comment #8 from Cy Schubert --- It was indeed an IP Filter bug. It was not telling pfil to drop the packet when m_pullup() had freed the mbuf chain while failing. The bug likely exists in NetBSD too. I've sent them an email. This ticke

[Bug 266442] kernel page fault on packet with broken lengths if ipfilter is loaded

2023-02-03 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266442 --- Comment #7 from Robert Morris --- (In reply to Cy Schubert from comment #3) The latest kernel source (as of Feb 3) makes the reported crash go away when I try it.

[Bug 266442] kernel page fault on packet with broken lengths if ipfilter is loaded

2023-02-02 Thread bugzilla-noreply
: Cy Schubert AuthorDate: 2023-02-02 00:49:08 + Commit: Cy Schubert CommitDate: 2023-02-02 17:41:22 + ipfilter: Fix use after free on packet with broken lengths Under the scenario with a packet with length of 67 bytes, a header length using the default of 20 bytes and a

[Bug 266442] kernel page fault on packet with broken lengths if ipfilter is loaded

2023-02-01 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266442 Cy Schubert changed: What|Removed |Added Status|Open|In Progress

[Bug 266442] kernel page fault on packet with broken lengths if ipfilter is loaded

2023-02-01 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266442 Cy Schubert changed: What|Removed |Added Attachment #239853|0 |1 is obsolete|

[Bug 266442] kernel page fault on packet with broken lengths if ipfilter is loaded

2023-02-01 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266442 Cy Schubert changed: What|Removed |Added Attachment #239852|0 |1 is obsolete|

[Bug 266442] kernel page fault on packet with broken lengths if ipfilter is loaded

2023-02-01 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266442 --- Comment #3 from Cy Schubert --- Created attachment 239852 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=239852&action=edit Notify pfil of dropped mangled packet Can you try this patch, please. Though it fixes the problem th

[Bug 266442] kernel page fault on packet with broken lengths if ipfilter is loaded

2023-01-26 Thread bugzilla-noreply
|with broken lengths |with broken lengths if ||ipfilter is loaded

[Bug 266442] kernel page fault on packet with broken lengths if ipfilter is loaded

2023-01-19 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266442 Cy Schubert changed: What|Removed |Added CC||c...@freebsd.org Assignee|

[Bug 266442] kernel page fault on packet with broken lengths if ipfilter is loaded

2022-09-16 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266442 Mark Linimon changed: What|Removed |Added Assignee|b...@freebsd.org|n...@freebsd.org

[Bug 255859] ipfilter/netinent: ip_nat memory leak and use-after-free

2021-06-16 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255859 Mark Johnston changed: What|Removed |Added Status|In Progress |Closed Resolution|---

[Bug 255859] ipfilter/netinent: ip_nat memory leak and use-after-free

2021-06-02 Thread bugzilla-noreply
: Cy Schubert AuthorDate: 2021-05-25 18:54:49 + Commit: Cy Schubert CommitDate: 2021-06-03 00:57:45 + ipfilter: Fix ip_nat memory leak and use-after-free Unfortunately the wrong element is freed, also resulting in use-after-free. PR: 255859 Submitted

[Bug 255859] ipfilter/netinent: ip_nat memory leak and use-after-free

2021-06-02 Thread bugzilla-noreply
: Cy Schubert AuthorDate: 2021-05-25 18:54:49 + Commit: Cy Schubert CommitDate: 2021-06-03 00:54:30 + ipfilter: Fix ip_nat memory leak and use-after-free Unfortunately the wrong element is freed, also resulting in use-after-free. PR: 255859 Submitted

[Bug 255859] ipfilter/netinent: ip_nat memory leak and use-after-free

2021-05-25 Thread bugzilla-noreply
||mfc-stable13?, ||mfc-stable12?, ||mfc-stable11? Summary|[Patch] ipfilter/netinent: |ipfilter/netinent: ip_nat |Fix a memory leak in|memory

[Bug 255859] [Patch] ipfilter/netinent: Fix a memory leak in ipf_nat_rule_deref

2021-05-25 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255859 Rodney W. Grimes changed: What|Removed |Added CC||n...@freebsd.org

[Bug 255859] [Patch] ipfilter/netinent: Fix a use after free in ipf_nat_rule_deref

2021-05-25 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255859 Cy Schubert changed: What|Removed |Added Assignee|n...@freebsd.org |c...@freebsd.org

[Bug 255859] [Patch] ipfilter/netinent: Fix a use after free in ipf_nat_rule_deref

2021-05-25 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255859 Mark Johnston changed: What|Removed |Added Status|New |Open CC|

[Bug 255859] [Patch] ipfilter/netinent: Fix a use after free in ipf_nat_rule_deref

2021-05-14 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255859 Mark Linimon changed: What|Removed |Added Assignee|b...@freebsd.org|n...@freebsd.org

ipfilter nat rewrite

2019-12-23 Thread Artem Viklenko via freebsd-net
Hi, All! Sorry if this list is the wrong place for questions about IPFilter (I didn't find a more appropriate FreeBSD mailing list, and the one mentioned in some docs seems to be dead). But maybe someone can answer it or point me in the right direction. I need to rewrite source and destination IPs on p

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-08-27 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Kubilay Kocak changed: What|Removed |Added Flags|mfc-stable11?, |mfc-stable11+, |

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-08-24 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Cy Schubert changed: What|Removed |Added Resolution|--- |FIXED Status|In Progress

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-08-24 Thread bugzilla-noreply
the patch from ipfilter upstream fil.c r1.129 to fix broken ipfilter rule matches (upstream bug #554). The upstream patch was incomplete, it resolved all but one rule compare issue. The issue fixed here is when "{to, reply-to, dup-to} interface" are used in conjunction with &qu

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-08-11 Thread bugzilla-noreply
ipfilter upstream fil.c r1.129 to fix broken ipfilter rule matches (upstream bug #554). The upstream patch was incomplete, it resolved all but one rule compare issue. The issue fixed here is when "{to, reply-to, dup-to} interface" are used in conjunction with "on interface&

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-08-10 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Cy Schubert changed: What|Removed |Added Status|Open|In Progress Flags|

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-08-08 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Cy Schubert changed: What|Removed |Added Attachment #206344|0 |1 is obsolete|

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-08-08 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #37 from Cy Schubert --- No problem. I think there may still be a problem with the patch under certain circumstances. I'll continue to test, after which I will run it in my prod environment for a couple of weeks. Thank you for

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-08-08 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #36 from WHR --- I think this bug is fixed by attachment 206344. Tested with kernel version 13.0-CURRENT r350491. Thanks for your hard work.

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-08-07 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Cy Schubert changed: What|Removed |Added Attachment #205851|0 |1 is obsolete|

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-08-04 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #34 from Cy Schubert --- As suspected, only three interfaces of the four can be specified; however, only two are listed, of which only the first is used.

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-08-03 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #33 from Cy Schubert --- Getting back to this PR, I discovered other problems related to this, i.e. only space for 4 fr_ifnames. Put a fifth one in and the resulting structure becomes a mess without an error message. The whole c

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-07-20 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #32 from WHR --- (In reply to Cy Schubert from comment #31) Of course 'fr_tifs' and 'fr_dif' are structs, but they contain an index in the struct, so you can't compare those indexes directly when comparing rule objects.

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-07-20 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #31 from Cy Schubert --- fr_tifs and fr_dif are not indexes. frdest_t fr_tifs[2];/* "to"/"reply-to" interface */ frdest_t fr_dif;/* duplicate packet interface */ They're a struct with an IP address

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-07-20 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #30 from WHR --- (In reply to Cy Schubert from comment #29) I think this is because your patch (attachment 205851) only fixed comparing indexes in 'fr_ifnames', but not indexes in 'fr_tifs' and 'fr_dif'. The order of strings in '

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-07-19 Thread bugzilla-noreply
0 ipl.ko root@ipftest:~ # oot@ipftest:~ # ipfstat -Rion # empty list for ipfilter(out) @1 pass in quick on tun0 reply-to tun0:10.1.1.1 inet proto tcp from any to 10.1.1.11/32 port = 22 flags S/FSRPAU keep state @2 pass in quick on tun1 reply-to tun1:10.1.2.1 inet proto tcp from any to 10.1.2.11/32 po

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-07-18 Thread bugzilla-noreply
please. Since this is a fresh installation for testing, no rules exist in ipfilter config files. ___ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/li

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-07-18 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #27 from Cy Schubert --- I'm having no such problems as you are. Do you have INVARIANTS and WITNESS enabled in your kernel? Send me a copy of your ipf.conf and ipnat.conf, please. If you use ippool, that too, please. Except f

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-07-18 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #26 from WHR --- (In reply to Cy Schubert from comment #23) This patch seems to break adding rules: [root@ipfilter-test /usr/obj]# kldload usr/src/amd64.amd64/sys/modules/ipfilter/ipl.ko [root@ipfilter-test /usr/obj]# kldstat

[Bug 238796] ipfilter: failure to detect the same rules when arguments ordered differently

2019-07-18 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Cy Schubert changed: What|Removed |Added Summary|ipfilter: fix unremovable |ipfilter: failure to detect

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-18 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #25 from Cy Schubert --- Rearranging input arguments breaks checksum.

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-17 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #24 from Cy Schubert --- The problem was that the following fix in 2009, ip_fil.h r1.31 and fil.c r1.53, is incomplete. A number of issues not relating to this PR have already been fixed. The posted patch directly fixes this PR.

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-17 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Cy Schubert changed: What|Removed |Added Attachment #205808|0 |1 is obsolete|

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-16 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #22 from Cy Schubert --- Hmmm. I am not able to reproduce the bug on real hardware or in a VM any more.

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-16 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #21 from WHR --- (In reply to Cy Schubert from comment #20) Unfortunately this bug is still happening in r350024. I have verified that the source code I am compiling contains your recent 3 commits (349978, 349979, 349980); and I do

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-15 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Cy Schubert changed: What|Removed |Added Attachment #205744|0 |1 is obsolete|

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-12 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #19 from Cy Schubert --- I will produce an improved patch.

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-12 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Cy Schubert changed: What|Removed |Added Attachment #205322|0 |1 is obsolete|

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-12 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #17 from Cy Schubert --- To be more precise (since I converted Darren's CVS tree to GIT), the CVS rev number reported by cvs blame for ip_fil.h. 1.31 (darren_r 01-Mar-09)

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-12 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #16 from Cy Schubert --- This was broken by ipfilter commit c8beabe in 2009. fr_cksum was moved from the end of frentry_t to before fr_func. It's a wonder any rule compares work.

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-09 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #15 from Cy Schubert --- That's perfect, thank you. I'll do some testing here. I suspect the cause is similar to a panic I am working on. Use your patch or the improved patch I posted here while I dig into the root cause.

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-09 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #14 from WHR --- Good news. I have reproduced this bug in a FreeBSD 13.0-CURRENT r349753 testing VM. The steps are: kldload ipl.ko ifconfig tun0 plumb ifconfig tun1 plumb echo "pass in quick reply-to tun0:10.1.1.1 on tun0 proto

Re: ipfilter not creating entries in the state table

2019-07-09 Thread Steffen Rick
teffen On Wed, Jul 03, 2019 at 05:42:29PM +0100, Steffen Rick wrote: > Hi, > > hoping you guys can help me with this. I'm somehow unable to create an > ipfilter configuration that will use stateful filtering on IPv6. What > I have is a very simple ipf.rules file: > > i

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-09 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #13 from Cy Schubert --- Unfortunately I cannot accept patches until I can reproduce the problem here. I have tested the rule in a VM with INVARIANTS and on my production firewall without INVARIANTS. I am unable to verify that t

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-09 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #12 from WHR --- (In reply to Cy Schubert from comment #11) Although this bug is always reproducible on that particular machine, with both 12.0-STABLE and 13.0-CURRENT kernels, I failed to reproduce it on a testing VM. I plan to i

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-09 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #11 from Cy Schubert --- Unfortunately I cannot accept a patch for something I cannot reproduce. AFAIAC your patch does not fix any bug. Help me reproduce it here then. A patch for something I cannot verify or reproduce is not

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-09 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 WHR changed: What|Removed |Added Status|Closed |Open Resolution|Not A Bug

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-08 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Cy Schubert changed: What|Removed |Added Resolution|--- |Not A Bug Status|Open

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-08 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 WHR changed: What|Removed |Added Version|12.0-STABLE |CURRENT

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-08 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #8 from WHR --- (In reply to Cy Schubert from comment #5) > there is no need for this patch. It already works. Why?

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-08 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 WHR changed: What|Removed |Added Resolution|Not A Bug |--- Status|Closed

[Bug 238839] ipfilter: kernel panic in function ipf_check_wrapper

2019-07-07 Thread bugzilla-noreply
from Cy Schubert --- > The IP Filter module is custom built that been applied patches from bug > #238796 > and > https://sourceforge.net/p/hacking-freebsd/freebsd-patches/ci/master > /tree/10.3/ipfilter-local-output-tcp-checksum.diff Please try this without your custom patche

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-07-03 Thread bugzilla-noreply
PR/238796 I discovered an unused variable in frdest, the next hop structure. It is likely this contributes to PR/238796 though other factors remain to be investigated. PR: 238796 Changes: _U stable/11/ stable/11/sys/contrib/ipfilter/netinet/fil.c stable/11/sys/contrib

ipfilter not creating entries in the state table

2019-07-03 Thread Steffen Rick
Hi, hoping you guys can help me with this. I'm somehow unable to create an ipfilter configuration that will use stateful filtering on IPv6. What I have is a very simple ipf.rules file: ipf.rules: pass in quick on lo0 all pass out quick on lo0 all pass out quick on re0 all keep state pa

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-06-29 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Kubilay Kocak changed: What|Removed |Added Flags|mfc-stable11?, | |mfc-stable12?

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-06-28 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Cy Schubert changed: What|Removed |Added Resolution|--- |Not A Bug Status|Open

[Bug 238839] ipfilter: kernel panic in function ipf_check_wrapper

2019-06-27 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238839 Mark Linimon changed: What|Removed |Added Keywords||panic Assignee|b...@freeb

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-06-25 Thread bugzilla-noreply
nished, I'm still digging. Far from a complete review but you get the idea where I'm going with this. Plus style(9) improvements. I've found a lot of this kind of stuff and panics in ipfilter. I've given our friends at NetBSD a heads up too.

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-06-25 Thread bugzilla-noreply
is changing between old and new instances of 'struct frentry'. I later fixed this bug in IP Filter 4.1.34 for Solaris (https://git.nsscn.top/Low-power/IPFilter/commit/9bb6c656ac6fef52e53890833703bf7ddea1e18b).

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-06-25 Thread bugzilla-noreply
discovered an unused variable in frdest, the next hop structure. It is likely this contributes to PR/238796 though other factors remain to be investigated. PR: 238796 MFC after:1 week Changes: head/sys/contrib/ipfilter/netinet/fil.c head/sys/contrib/ipfilter/netinet/ip_fil.h

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-06-25 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 --- Comment #1 from Cy Schubert --- Thanks for the patch. It is being reviewed along with the bug itself.

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-06-25 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Cy Schubert changed: What|Removed |Added Assignee|n...@freebsd.org |c...@freebsd.org

[Bug 238796] ipfilter: fix unremovable rules and rules checksum for comparison

2019-06-24 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238796 Kubilay Kocak changed: What|Removed |Added Status|New |Open Assignee|b...@freeb

[Bug 217920] [PATCH] ipfilter discard bytes - 3072 instead of 1024

2017-07-26 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217920 Cy Schubert changed: What|Removed |Added Assignee|freebsd-net@FreeBSD.org |c...@freebsd.org

[Bug 217920] [PATCH] ipfilter discard bytes - 3072 instead of 1024

2017-07-26 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217920 Ed Maste changed: What|Removed |Added Assignee|freebsd-b...@freebsd.org|freebsd-net@FreeBSD.org

[Bug 217920] [PATCH] ipfilter discard bytes - 3072 instead of 1024

2017-07-26 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217920 Ed Maste changed: What|Removed |Added CC||ema...@freebsd.org Status|N

[patch] NAT hole punching, RFC 4787, and PF/LibAlias/IPFILTER

2017-06-11 Thread Damjan Jovanovic
er), and rely on packets sent to any Z:z to have Y:y as the source. It can communicate Y:y to a Z:z somehow, and have that Z:z send to it (possibly after first sending to Z:z). This is a mandatory requirement in RFC 4787. Sadly, of FreeBSD's firewalls/NATs, only IPFILTER supports this desira

[Bug 217920] [PATCH] ipfilter discard bytes - 3072 instead of 1024

2017-03-23 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217920 Mark Linimon changed: What|Removed |Added Assignee|freebsd-b...@freebsd.org|freebsd-net@FreeBSD.org

Lost packets in IPFilter 5

2015-10-12 Thread Tomáš Drbohlav
that based on ipfilter. The setup has been working for us for years on 8.2-RELEASE. We prepared the same setup on 10.2 p4 and when put in the wild we started to see missing packets possibly somewhere inside the new box (tcpdump sees them on source machine, on inner interface of NAT but not on outside

[Bug 192847] ipfilter: seeing a lot of BAD packets in the logs while SSH-ing to the box

2015-03-11 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192847 Mark Linimon changed: What|Removed |Added Assignee|freebsd-net@FreeBSD.org |c...@freebsd.org

[Bug 197536] ipfilter rule removal via command line deletes all rules added after as well

2015-03-11 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197536 Mark Linimon changed: What|Removed |Added Assignee|freebsd-net@FreeBSD.org |c...@freebsd.org

[Bug 197536] ipfilter rule removal via command line deletes all rules added after as well

2015-03-09 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197536 Mark Linimon changed: What|Removed |Added Assignee|freebsd-b...@freebsd.org|freebsd-net@FreeBSD.org K

[Bug 192847] ipfilter: seeing a lot of BAD packets in the logs while SSH-ing to the box

2015-03-09 Thread bugzilla-noreply
Summary|ipfilter and bad packets|ipfilter: seeing a lot of ||BAD packets in the logs ||while SSH-ing to the box -- You are receiving this mail because: You are the assignee for the bug

Re: VIMAGE + ipfilter fix

2014-11-20 Thread Craig Rodrigues
On Wed, Nov 19, 2014 at 6:32 PM, Cy Schubert wrote: > In message > om> > , Craig Rodrigues writes: > > Hi, > > > > Can folks take a look at this? > > > > https://reviews.freebsd.org/D1191 > > > > It fixes a crash in ipfilter when a VIMA

Re: VIMAGE + ipfilter fix

2014-11-19 Thread Cy Schubert
In message , Craig Rodrigues writes: > Hi, > > Can folks take a look at this? > > https://reviews.freebsd.org/D1191 > > It fixes a crash in ipfilter when a VIMAGE kernel is booted. Tested here. It addresses the issue. Looking at pf however, global variables were made VI

VIMAGE + ipfilter fix

2014-11-19 Thread Craig Rodrigues
Hi, Can folks take a look at this? https://reviews.freebsd.org/D1191 It fixes a crash in ipfilter when a VIMAGE kernel is booted. Thanks. -- Craig

Re: kern/178116: [ipfilter] [panic] Kernel panic: general protection fault in tcp_do_segment

2013-07-02 Thread cy
Synopsis: [ipfilter] [panic] Kernel panic: general protection fault in tcp_do_segment Responsible-Changed-From-To: freebsd-net->cy Responsible-Changed-By: cy Responsible-Changed-When: Wed Jul 3 05:24:54 UTC 2013 Responsible-Changed-Why: Assign to myself. http://www.freebsd.org/cgi/query-pr.

Re: kern/176992: [ipfilter] panic from ipfilter/ipnat when VIMAGE options used

2013-07-02 Thread cy
Synopsis: [ipfilter] panic from ipfilter/ipnat when VIMAGE options used Responsible-Changed-From-To: freebsd-net->cy Responsible-Changed-By: cy Responsible-Changed-When: Wed Jul 3 05:24:38 UTC 2013 Responsible-Changed-Why: Mine. http://www.freebsd.org/cgi/query-pr.cgi?pr=176

Re: kern/167768: [ipfilter] Fatal trap in ipfilter/ipnat

2013-07-02 Thread cy
Synopsis: [ipfilter] Fatal trap in ipfilter/ipnat Responsible-Changed-From-To: freebsd-net->cy Responsible-Changed-By: cy Responsible-Changed-When: Wed Jul 3 05:23:44 UTC 2013 Responsible-Changed-Why: Mine. http://www.freebsd.org/cgi/query-pr.cgi?pr=167

Re: kern/166940: [ipfilter] [panic] Double fault in kern 8.2

2013-07-02 Thread cy
Synopsis: [ipfilter] [panic] Double fault in kern 8.2 Responsible-Changed-From-To: freebsd-net->cy Responsible-Changed-By: cy Responsible-Changed-When: Wed Jul 3 05:23:30 UTC 2013 Responsible-Changed-Why: Mine. http://www.freebsd.org/cgi/query-pr.cgi?pr=166

Re: kern/166372: [patch] [ipfilter] drops UDP packets with zero checksum on some interfaces

2013-07-02 Thread cy
Synopsis: [patch] [ipfilter] drops UDP packets with zero checksum on some interfaces Responsible-Changed-From-To: freebsd-net->cy Responsible-Changed-By: cy Responsible-Changed-When: Wed Jul 3 05:23:11 UTC 2013 Responsible-Changed-Why: Mine. http://www.freebsd.org/cgi/query-pr.cgi?pr=166

Re: kern/165963: [panic] [ipfilter] ipfilter/nat NULL pointer deference

2013-07-02 Thread cy
Synopsis: [panic] [ipfilter] ipfilter/nat NULL pointer deference Responsible-Changed-From-To: freebsd-net->cy Responsible-Changed-By: cy Responsible-Changed-When: Wed Jul 3 05:22:54 UTC 2013 Responsible-Changed-Why: Mine. http://www.freebsd.org/cgi/query-pr.cgi?pr=165

Re: kern/162926: [ipfilter] Infinite loop in ipfilter with fragmented IPv6 traffic

2013-07-02 Thread cy
Synopsis: [ipfilter] Infinite loop in ipfilter with fragmented IPv6 traffic Responsible-Changed-From-To: freebsd-net->cy Responsible-Changed-By: cy Responsible-Changed-When: Wed Jul 3 05:22:40 UTC 2013 Responsible-Changed-Why: Mine. http://www.freebsd.org/cgi/query-pr.cgi?pr=162

Re: kern/149937: [ipfilter] [patch] kernel panic in ipfilter IP fragments with TCP paylaod in reverse order

2013-07-02 Thread cy
Synopsis: [ipfilter] [patch] kernel panic in ipfilter IP fragments with TCP paylaod in reverse order Responsible-Changed-From-To: freebsd-net->cy Responsible-Changed-By: cy Responsible-Changed-When: Wed Jul 3 05:22:21 UTC 2013 Responsible-Changed-Why: Mine. http://www.freebsd.org/cgi/qu

Re: kern/139565: [ipfilter] ipfilter ioctl SIOCDELST broken

2013-07-02 Thread cy
Synopsis: [ipfilter] ipfilter ioctl SIOCDELST broken Responsible-Changed-From-To: freebsd-net->cy Responsible-Changed-By: cy Responsible-Changed-When: Wed Jul 3 05:22:06 UTC 2013 Responsible-Changed-Why: Mine. http://www.freebsd.org/cgi/query-pr.cgi?pr=139

Re: kern/139058: [ipfilter] mbuf cluster leak on FreeBSD 7.2

2013-07-02 Thread cy
Synopsis: [ipfilter] mbuf cluster leak on FreeBSD 7.2 Responsible-Changed-From-To: freebsd-net->cy Responsible-Changed-By: cy Responsible-Changed-When: Wed Jul 3 05:21:51 UTC 2013 Responsible-Changed-Why: Mine. http://www.freebsd.org/cgi/query-pr.cgi?pr=139
