Re: pf.conf bug

2023-02-06 Thread Theo de Raadt
> This creates an ABI change. People have to recompile their pfctl. > I think we never guarantee this level of compatibility. Correct. It is a binary suppled with the kernel. We pay attention if it is inconvenient. That means if you need a new binary before a new kernel. But this is in the

Re: pf.conf bug

2023-02-06 Thread Alexander Bluhm
On Mon, Feb 06, 2023 at 09:37:47PM +0100, Alexandr Nedvedicky wrote: > if we want to allow firewall administrator to specify a match > on icmptype 255 then extending type from uint8_t to uint16_t > is the right change. > > another option is to change logic here to allow matching

Re: pf.conf bug

2023-02-06 Thread Alexandr Nedvedicky
Hello, [ cc'ing also tech@ ] On Mon, Feb 06, 2023 at 06:44:38PM +0300, r...@bh0.amt.ru wrote: > >Synopsis:pf.conf bug > >Category:system > >Environment: > System : OpenBSD 7.2 > Details : OpenBSD 7.2 (GENERIC.MP) #6: Sat Jan 21 01:03:04 MST 2023 >

unwind ignores 'force' directive for zone home.arpa

2023-02-06 Thread Ryan Kavanagh
>Synopsis: unwind ignores 'force' directive for home.arpa >Category: system >Environment: System : OpenBSD 7.2 Details : OpenBSD 7.2-current (GENERIC.MP) #1015: Thu Feb 2 06:25:57 MST 2023

Re: pf_state_export crash

2023-02-06 Thread Csillag Tamas
Hi, We can report success with the patch if that helps :). (Bryan: a possible workaround is to switch off pfsync which means failover will not be seamless as tcp connections will be forcefully closed as states are not in sync) Regards, Tamas On Mon, Feb 06, 2023 at 03:58:19PM +0100, Alexandr

Re: bgpd.conf connect-retry bug

2023-02-06 Thread Claudio Jeker
On Mon, Feb 06, 2023 at 06:38:43PM +0300, r...@bh0.amt.ru wrote: > >Synopsis:bgpd.conf connect-retry bug > >Category:system > >Environment: > System : OpenBSD 7.2 > Details : OpenBSD 7.2 (GENERIC.MP) #6: Sat Jan 21 01:03:04 MST 2023 > >

bgpd.conf connect-retry bug

2023-02-06 Thread root
>Synopsis: bgpd.conf connect-retry bug >Category: system >Environment: System : OpenBSD 7.2 Details : OpenBSD 7.2 (GENERIC.MP) #6: Sat Jan 21 01:03:04 MST 2023 r...@syspatch-72-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

pf.conf bug

2023-02-06 Thread root
>Synopsis: pf.conf bug >Category: system >Environment: System : OpenBSD 7.2 Details : OpenBSD 7.2 (GENERIC.MP) #6: Sat Jan 21 01:03:04 MST 2023 r...@syspatch-72-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

Re: pf_state_export crash

2023-02-06 Thread Alexandr Nedvedicky
Hello Bryan, if switching to -current is not an option for you then you can give a try to diff [1] sent earlier to bugs@. we still gather a feedback on the fix to decide if it is good enough for syspatch. thanks and regards sashan [1] https://marc.info/?l=openbsd-bugs=167227628414453=2 On