On 27.07.23 05:51, Gleb Smirnoff wrote:
The branch main has been updated by glebius:

URL: https://cgit.FreeBSD.org/src/commit/?id=e3ba0d6adde3c694f46a30b3b67eba43a7099395

commit e3ba0d6adde3c694f46a30b3b67eba43a7099395
Author:     Gleb Smirnoff <[email protected]>
AuthorDate: 2023-07-27 03:35:41 +0000
Commit:     Gleb Smirnoff <[email protected]>
CommitDate: 2023-07-27 03:35:42 +0000

     inpcb: do not copy so_options into inp_flags2

     Since f71cb9f74808 socket stays connected with inpcb through latter's
     lifetime and there is no reason to complicate things and copy these
     flags.

     Reviewed by: markj
     Differential Revision:  https://reviews.freebsd.org/D41198

Hi Gleb,

this commit is causing issues on my mail server. Some incoming connections would just hang, email would stay in the queue of the remote server for hours. Repeated telnet/nc to port 25 would just hang. Some connections do come through though. I wasn't able to determine a pattern.

I'm running postfix 3.8.1 in a bhyve VM and forward port 25 using pf.

rdr pass on $ext_if proto tcp from any to 88.x.y.53 port 25 -> 10.211.11.3 port 25

The packets do arrive in the VM, but for some reason the packets aren't accepted. There are no firewalls enabled in the VM itself.

19:47:50.857299 IP 5.x.y.18.34283 > 10.211.11.3.25: Flags [S], seq 65535, win 0, length 0
19:47:51.573109 IP 5.x.y.18.33457 > 10.211.11.3.25: Flags [S], seq 65535, win 0, length 0
19:47:52.702420 IP 5.x.y.18.35528 > 10.211.11.3.25: Flags [S], seq 65535, win 0, length 0
19:47:55.856822 IP 5.x.y.18.34283 > 10.211.11.3.25: Flags [S], seq 65535, win 0, length 0

flo@mail:~ % netstat -an|grep 5.x.y.18
flo@mail:~ % sockstat -l -p 25 -P tcp
USER     COMMAND    PID   FD  PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
postfix  postscreen   980 6   tcp4   *:25                  *:*
postfix  postscreen   980 7   tcp6   *:25                  *:*
root     master       973 13  tcp4   *:25                  *:*
root     master       973 14  tcp6   *:25                  *:*

vtnet0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
        options=80028<VLAN_MTU,JUMBO_MTU,LINKSTATE>
        ether 58:9c:fc:0e:ca:cb
        inet 10.211.11.3 netmask 0xffffff00 broadcast 10.211.11.255

I'm now running head from today with only e3ba0d6adde3 reverted, and everything is working fine again. I also verified that unmodified a43e7a96b64e works, but this commit does not.

For some reason I did not notice any other ill effect with http(s) or ssh sessions to VMs on this server, but most of them are v6 and not NATed.

What else do you need to debug this?

Florian
