[Bug 219933] bsd diff: --suppress-common-lines // -y/--side-by-side // -W not implemented

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219933

--- Comment #2 from commit-h...@freebsd.org ---
A commit references this bug:

Author: ngie
Date: Mon Jun 12 05:11:44 UTC 2017
New revision: 319847
URL: https://svnweb.freebsd.org/changeset/base/319847

Log:
  Add some testcases for `diff --side-by-side` support

  These are were created proactively, in anticipation of the support being
  fully implemented sometime in the future.

  The tests currently fail on ^/head@r319845, however. Expect them to fail.

  PR:   219933
  Tested with:  gdiff

Changes:
  head/usr.bin/diff/tests/diff_test.sh

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 219933] bsd diff: --suppress-common-lines // -y/--side-by-side // -W not implemented

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219933

Ngie Cooper  changed:

   What|Removed |Added

Summary|bsd diff:   |bsd diff:
   |--suppress-common-lines //  |--suppress-common-lines //
   |-y/--side-by-side not   |-y/--side-by-side // -W not
   |implemented |implemented

--- Comment #1 from Ngie Cooper  ---
(In reply to Ngie Cooper from comment #0)

-W isn't implemented either.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 219933] bsd diff: --suppress-common-lines // -y/--side-by-side not implemented

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219933

Bug ID: 219933
   Summary: bsd diff: --suppress-common-lines // -y/--side-by-side
not implemented
   Product: Base System
   Version: CURRENT
  Hardware: Any
OS: Any
Status: New
  Severity: Affects Many People
  Priority: ---
 Component: bin
  Assignee: freebsd-bugs@FreeBSD.org
  Reporter: n...@freebsd.org

I use `--suppress-common-lines -y` frequently to compare two files with diff.
This isn't currently implemented in bsd diff:

$ gdiff -y --suppress-common-lines A B
A | D
C | E
$ diff -y --suppress-common-lines A B
diff: invalid option -- y
usage: diff [-abdilpTtw] [-c | -e | -f | -n | -q | -u] [--ignore-case]
[--no-ignore-case] [--normal] [--strip-trailing-cr] [--tabsize]
[-I pattern] [-L label] file1 file2
   diff [-abdilpTtw] [-I pattern] [-L label] [--ignore-case]
[--no-ignore-case] [--normal] [--strip-trailing-cr] [--tabsize]
-C number file1 file2
   diff [-abdiltw] [-I pattern] [--ignore-case] [--no-ignore-case]
[--normal] [--strip-trailing-cr] [--tabsize] -D string file1 file2
   diff [-abdilpTtw] [-I pattern] [-L label] [--ignore-case]
[--no-ignore-case] [--normal] [--tabsize] [--strip-trailing-cr]
-U number file1 file2
   diff [-abdilNPprsTtw] [-c | -e | -f | -n | -q | -u] [--ignore-case]
[--no-ignore-case] [--normal] [--tabsize] [-I pattern] [-L label]
[-S name] [-X file] [-x pattern] dir1 dir2

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

Problem reports for freebsd-bugs@FreeBSD.org that need special attention

2017-06-11 Thread bugzilla-noreply 
To view an individual PR, use:
  https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id).

The following is a listing of current problems submitted by FreeBSD users,
which need special attention. These represent problem reports covering
all versions including experimental development code and obsolete releases.

Status  |Bug Id | Description
+---+---
In Progress |183618 | [panic] Dell PowerEdge R620 -- PERC H710 Mini (mf 
In Progress |192528 | pwd_mkdb fails if /etc/shells contains duplicates 
In Progress |196973 | sh(1) broken UTF-8 input  
In Progress |207109 | makefs includes a timestamp that prevents reprodu 
In Progress |212562 | stucking kyua test (/usr/tests/lib/libutil) on 10 
New |197876 | [devfs] an error in devfs leads to data loss and  
New |198797 | [PATCH] Added an option to install BSDstats to bs 
New |202290 | /usr/bin/vi conversion error on valid character   
New |202362 | ntp: restore refclocks selection (10.2-RELEASE re 
New |202740 | vi/ex string substitution problem when there is m 
New |204097 | witness_initialize() does not perform bound check 
New |204115 | freebsd-update: Add support for better user messa 
New |204545 | Adding quirk entry for some (Acer C720P Chromeboo 
New |205598 | [patch] sbin/md5.c param -c, convert to lowercase 
New |206386 | vendor/libarchive: directory traversal vulnerabil 
New |207940 | [patch] sys/boot/efi/boot1 select boot partition  
New |209213 | UEFI Loader shows only black screen with Nvidia G 
New |210245 | [PATCH] Update etc/ntp.conf to eliminate failure  
New |210804 | installerconfig - using ZFS create in custom scri 
New |212561 | stucking kyua test (/usr/tests/sys/acl/01) with e 
New |214705 | Kernel panic trying to playback encrypted DVD, "F 
Open|183817 | [patch] [mac] [panic] kernel compiled with option 
Open|194925 | [pf] [ifconfig] interface group keywords do not w 
Open|204121 | numa(4) is broken: "vm_page_alloc: missing page"  
Open|206528 | Emulex LPe 16002 FC HBA Not Recognized by oce(4)  
Open|206585 | hpt_set_info possible buffer overflow 
Open|206754 | Out of bounds negative array index in iicrdwr 
Open|207248 | [patch] daemon(8): Add option to redirect stdout  
Open|212418 | kernel panic in _taskqgroup_adjust - uninitialize 
Open|217505 | [asmc] [patch] Add Support for Macbook Pro 8,1
In Progress |191348 | [mps] LSI2308 with WD3000FYYZ drives disappears a 
New |202316 | Add IANA vxlan port to /etc/services  
New |206386 | vendor/libarchive: directory traversal vulnerabil 
Open|206754 | Out of bounds negative array index in iicrdwr 

34 problems total for which you should take action.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 219644] FreeBSD 11 + nginx + apache delay +0.1 second on files greater than 32768 bytes

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219644

--- Comment #18 from free...@ihead.ru ---
Can anybody help with this?
Is is easy reproduceble FreeBSD11's strange behavior.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 219930] blacklistd do not remove (unblock) ip from ipfw table

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219930

Bug ID: 219930
   Summary: blacklistd do not remove (unblock) ip from ipfw table
   Product: Base System
   Version: 11.0-RELEASE
  Hardware: amd64
OS: Any
Status: New
  Severity: Affects Some People
  Priority: ---
 Component: bin
  Assignee: freebsd-bugs@FreeBSD.org
  Reporter: free...@ihead.ru

1)
cat /etc/blacklistd.conf | grep -v ^#
[local]
ftp stream  *   *   *   3   1m

[remote]

2) Run blacklistd in console for debug with 1 second checking interval:
blacklistd -v -d -t 1

3) Connect to ftpd and make some invalid auths.

4) The output in console (blacklistd -v -d -t 1):
[local]
  targettypeproto   owner   namenfail   duration
  216   *   *   *   3   60
[remote]
  sourcetypeproto   owner   namenfail   duration
Connected to blacklist server
processing type=1 fd=5 remote=192.168.10.250:59383 msg=Login incorrect uid=0
gid=0
listening socket: 192.168.10.22:21
look:   target:192.168.10.22:21, proto:6, family:2, uid:0, name:=, nfail:*,
duration:*
check:  target:21, proto:6, family:*, uid:*, name:*, nfail:3, duration:60
found:  target:21, proto:6, family:*, uid:*, name:*, nfail:3, duration:60
conf_apply: merge:  target:21, proto:6, family:*, uid:*, name:*, nfail:3,
duration:60
conf_apply: to: target:192.168.10.22:21, proto:6, family:2, uid:0, name:=,
nfail:*, duration:*
conf_apply: result: target:192.168.10.22:21, proto:6, family:2, uid:*,
name:*, nfail:3, duration:60
Applied address 192.168.10.250:21
Applied address 192.168.10.250:21
process: db state info for 192.168.10.250:59383: count=0/3 last=1970/01/01
03:00:00 now=2017/06/11 22:36:33
processing type=1 fd=5 remote=192.168.10.250:59415 msg=Login incorrect uid=0
gid=0
listening socket: 192.168.10.22:21
look:   target:192.168.10.22:21, proto:6, family:2, uid:0, name:=, nfail:*,
duration:*
check:  target:21, proto:6, family:*, uid:*, name:*, nfail:3, duration:60
found:  target:21, proto:6, family:*, uid:*, name:*, nfail:3, duration:60
conf_apply: merge:  target:21, proto:6, family:*, uid:*, name:*, nfail:3,
duration:60
conf_apply: to: target:192.168.10.22:21, proto:6, family:2, uid:0, name:=,
nfail:*, duration:*
conf_apply: result: target:192.168.10.22:21, proto:6, family:2, uid:*,
name:*, nfail:3, duration:60
Applied address 192.168.10.250:21
Applied address 192.168.10.250:21
process: db state info for 192.168.10.250:59415: count=1/3 last=2017/06/11
22:36:33 now=2017/06/11 22:36:38
processing type=1 fd=5 remote=192.168.10.250:59437 msg=Login incorrect uid=0
gid=0
listening socket: 192.168.10.22:21
look:   target:192.168.10.22:21, proto:6, family:2, uid:0, name:=, nfail:*,
duration:*
check:  target:21, proto:6, family:*, uid:*, name:*, nfail:3, duration:60
found:  target:21, proto:6, family:*, uid:*, name:*, nfail:3, duration:60
conf_apply: merge:  target:21, proto:6, family:*, uid:*, name:*, nfail:3,
duration:60
conf_apply: to: target:192.168.10.22:21, proto:6, family:2, uid:0, name:=,
nfail:*, duration:*
conf_apply: result: target:192.168.10.22:21, proto:6, family:2, uid:*,
name:*, nfail:3, duration:60
Applied address 192.168.10.250:21
Applied address 192.168.10.250:21
process: db state info for 192.168.10.250:59437: count=2/3 last=2017/06/11
22:36:38 now=2017/06/11 22:36:44
run /usr/libexec/blacklistd-helper [control add blacklistd tcp 192.168.10.250
32 21 ]
add returns (null)

5)
ipfw table port21 list
--- table(port21), set(0) ---
192.168.10.250/32 0

6) Blocked IP-address is not automatically removed from ipfw table port21.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 213045] kldload vesa gives "error 19"

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=213045

Valery  changed:

   What|Removed |Added

 CC||vvy_...@rambler.ru

--- Comment #3 from Valery  ---
Created attachment 183409
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=183409=edit
HP t610 TC boot

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 219926] sscanf(3): Inconsistent return value on match failures with patterns like "%*s%u" when compared to other implementations

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219926

--- Comment #1 from Conrad Meyer  ---
The C11 standard says:

---8<---
Returns
3 The sscanf function returns the value of the macro EOF if an input failure
occurs before the first conversion (if any) has completed. Otherwise, the
sscanf function returns the number of input items assigned, which can be fewer
than provided for, or even zero, in the event of an early matching failure.
---8<---

So the question is — is "%*s" a conversion?

From the fscanf part of C11:

---8<---
Each conversion specification is introduced by the character %.
After the %, the following appear in sequence:
— An optional assignment-suppressing character *.
— An optional decimal integer greater than zero that specifies the maximum
field width (in characters).
— An optional length modifier that specifies the size of the receiving object.
— A conversion specifier character that specifies the type of conversion to be
applied.
---8<---

So... maybe?

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 213871] vmx, netgraph, mpd5-5.8: Fatal trap 12: page fault while... supervisor write data, page not present (11.0-RELEASE-p2)

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=213871

Eugene Grosbein  changed:

   What|Removed |Added

 CC||eu...@freebsd.org

--- Comment #1 from Eugene Grosbein  ---
Do you have full crashdump and backtracke, not just KDB_TRACE output?

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 203264] bsnmpd returning incorrect values for ipAdEntNetMask, for example mask of 48.0.0.0

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203264

Eugene Grosbein  changed:

   What|Removed |Added

 CC||eu...@freebsd.org
 Status|New |Closed
 Resolution|--- |DUPLICATE

--- Comment #1 from Eugene Grosbein  ---
Duplicate of already solved PR 195445.

*** This bug has been marked as a duplicate of bug 195445 ***

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 193953] bsnmpd missing 64-bit fields with vlan under lagg

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=193953

Eugene Grosbein  changed:

   What|Removed |Added

 CC||eu...@freebsd.org

--- Comment #1 from Eugene Grosbein  ---
Please re-test this using any supported FreeBSD version (e.g. 10.3+ or 11). It
should work here now.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 180881] [panic] Attack invalid user in mpd causes kernel panic.

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=180881

Eugene Grosbein  changed:

   What|Removed |Added

 CC||eu...@freebsd.org

--- Comment #3 from Eugene Grosbein  ---
Is this problem still relevant to FreeBSD 10 or 11?

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 180018] [panic] System panics when bsnmpd is started

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=180018

Eugene Grosbein  changed:

   What|Removed |Added

   Assignee|freebsd-am...@freebsd.org   |freebsd-bugs@FreeBSD.org
  Component|amd64   |kern

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 219926] sscanf(3): Inconsistent return value on match failures with patterns like "%*s%u" when compared to other implementations

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219926

Bug ID: 219926
   Summary: sscanf(3): Inconsistent return value on match failures
with patterns like "%*s%u" when compared to other
implementations
   Product: Base System
   Version: CURRENT
  Hardware: Any
OS: Any
Status: New
  Severity: Affects Only Me
  Priority: ---
 Component: bin
  Assignee: freebsd-bugs@FreeBSD.org
  Reporter: to...@freebsd.org

When using a pattern that starts with "%*s" followed by one or more
other conversions, the sscanf(3) implementation in FreeBSD's libc
behaves differently than the sscanf() implementations in other libcs.
For example running this small test program on a bunch of different
systems gives the following results:

#include 

int
main(int argc, char *argv[])
{
unsigned int i;
int n = sscanf("foo", "%*s%u", );
printf("n = %d\n", n);
return 0;
}

n = 0 on FreeBSD 11.0 and 12.0-CURRENT
n = 0 on DragonFly BSD 4.6.0rc2
n = 0 on NetBSD 7.0.1
n = -1 on Ubuntu 16.04 (Glibc 2.23)
n = -1 on Alpine Linux (musl 1.1.16)
n = -1 on OpenBSD 6.1

Glibc, musl, and OpenBSD's libc all return EOF in this case.

netpbm's ppmtoarbtxt uses a similar pattern and would fail to work
correctly on FreeBSD because it expects that EOF is returned after a
match failure.  This has been worked around now upstream by not using
"%*s" first in the pattern.  But I'm wondering if this a bug or if
this is ok?

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 168247] FreeBSD 7.2 kernel panic after update MPD from 5.5 to 5.6 version [regression]

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=168247

Eugene Grosbein  changed:

   What|Removed |Added

 Status|In Progress |Closed
 Resolution|--- |Overcome By Events
 CC||eu...@freebsd.org

--- Comment #1 from Eugene Grosbein  ---
FreeBSD 7.2 support ended long time ago and lots of work was done to stabilize
netgraph and mpd. If you have issues with recent versions, please fill new PR.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 163736] Freebsd 8.2 with MPD5 and about 100 PPPoE clients panics anywhere from 15Hrs to 8 days

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=163736

Eugene Grosbein  changed:

   What|Removed |Added

  Component|amd64   |kern
   Assignee|freebsd-am...@freebsd.org   |freebsd-bugs@FreeBSD.org

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 151264] bsnmpd(1): pf counters aren't updated on some SNMP queries

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=151264

Eugene Grosbein  changed:

   What|Removed |Added

 CC||eu...@freebsd.org

--- Comment #4 from Eugene Grosbein  ---
(In reply to freebsd from comment #0)

Is this problem still relevant?

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 132993] [patch] bsnmpd(1) - bad IfPoll timer interval

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=132993

Eugene Grosbein  changed:

   What|Removed |Added

 CC||eu...@freebsd.org
 Status|In Progress |Open
   Assignee|freebsd-bugs@FreeBSD.org|gleb...@freebsd.org

--- Comment #1 from Eugene Grosbein  ---
HC polling code was submitter by glebius in 2006. Perhaps, he can tell if 10x
multiplier was intentional.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 219918] [patch] LibAlias: implement RFC 4787 REQ 1 and 3 (full cone NAT)

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219918

--- Comment #3 from Damjan Jovanovic  ---
Thank you. I do want good performance, and am thinking of better solutions.
Maybe a new hash table, that's only on alias address:port, instead of changing
the existing one to that. Or a bitfield of 65536 bits for ports in use, that
could provide guaranteed O(1) lookups. I do need to understand that code better
first though.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 219918] [patch] LibAlias: implement RFC 4787 REQ 1 and 3 (full cone NAT)

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219918

--- Comment #2 from Kurt Jaeger  ---
As a (small) natd user, I'd like to comment:
having the better/correcter behaviour is more important than performance,
if performance and side effects are documented in the man page and
if there's a way to change the default for performance and no side-effects.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 219918] [patch] LibAlias: implement RFC 4787 REQ 1 and 3 (full cone NAT)

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219918

Eugene Grosbein  changed:

   What|Removed |Added

 CC||eu...@freebsd.org

--- Comment #1 from Eugene Grosbein  ---
(In reply to Damjan Jovanovic from comment #0)

Your patch makes significant change unconditionnaly and the change may present
regression for other use cases:

- it can degrade performance of libalias hash function that is not perfect
already;
- it decreases port variance of translated traffic that can degrade performance
of L3 channel load distribution.

Note that libalias already has a flag PKT_ALIAS_SAME_PORTS (natd -same_ports or
ipfw nat config same_ports) to somehow change port translation rules. Please
make your change conditional using new flag for new translation mode.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 219919] ipf kern_securelevel=1

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219919

Bug ID: 219919
   Summary: ipf kern_securelevel=1
   Product: Base System
   Version: 11.0-STABLE
  Hardware: Any
OS: Any
Status: New
  Severity: Affects Only Me
  Priority: ---
 Component: kern
  Assignee: freebsd-bugs@FreeBSD.org
  Reporter: z462v...@mail.lviv.ua

rc.conf

kern_securelevel_enable="YES"
kern_securelevel=1

ipfilter_enable="YES"
ipfilter_rules="/etc/ipf.rules"
#+ipfilter_flags="-D -T ipf_nattable_sz=10009,ipf_nattable_max=30 -E"


ipf = Does not start

open device: No such file or directory
User/kernel version check failed

Glogs firewall does not protect.
How do other firewalls behold themselves.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 219918] [patch] LibAlias: implement RFC 4787 REQ 1 and 3 (full cone NAT)

2017-06-11 Thread bugzilla-noreply 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219918

Bug ID: 219918
   Summary: [patch] LibAlias: implement RFC 4787 REQ 1 and 3 (full
cone NAT)
   Product: Base System
   Version: CURRENT
  Hardware: Any
OS: Any
Status: New
  Keywords: patch
  Severity: Affects Many People
  Priority: ---
 Component: kern
  Assignee: freebsd-bugs@FreeBSD.org
  Reporter: damjan@gmail.com

Created attachment 183392
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=183392=edit
LibAlias RFC 4787 req 1 and 3 implementation

Implement NAT hole punching for UDP, as per RFC 4787 requirements 1 and 3,
creating an endpoint-independent mapping NAT also known as an (address- and
port-restricted) cone NAT.

Outgoing links are now hashed only on source IP/port, so they can be searched
using only those, allowing us to find and reuse the alias address/port already
in use by the packet's source address/port. When new links are allocated, we
also search for an alias address/port that is not used by any link.

Also updated the man page to reflect this.

Please also see the related bug 219803, which implements the same feature in
PF.

-- 
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"