Re: pfctl -k id not working

Thank you for fast fix Kristof.

Regards

On Tue, Aug 24, 2021 at 3:58 PM Kristof Provost <kp@freebsd.org> wrote:

> On 22 Aug 2021, at 21:01, Kristof Provost wrote:
> > On 22 Aug 2021, at 20:58, Oleksandr Kryvulia wrote:
> >> 20.08.21 22:01, Özkan KIRIK пишет:
> >>> Hi,
> >>>
> >>> I'm trying to kill a single state using state id. But even state
> exists, no
> >>> (0) states are killed.
> >>>
> >>> I'm using FreeBSD stable/12 0f97f2a1857a (Jul 26) build. Outputs are
> below:
> >>>
> >>> root@freebsd:/ # pfctl -ss -vvv | tail -5
> >>> all tcp 10.255.4.134:60684 -> 10.2.3.10:443
>  ESTABLISHED:ESTABLISHED
> >>>    [3857528462 + 256] wscale 7  [2278827950 + 1117184] wscale 9
> >>>    age 1002336:42:40, expires in 252932:33:04, 250675:343858 pkts,
> >>> 18984576:362136695 bytes, anchor 1308884992, rule 419430400
> >>>    id: effe296100000018 creatorid: e9c975c1 gateway: 0.0.0.0
> >>>    origif: ix0.167
> >>>
> >>> root@freebsd:/ # pfctl -k id -k effe296100000018
> >>> killed 0 states
> >>>
> >>> root@freebsd:/ # pfctl -ss -vvv | tail -5
> >>> all tcp 10.255.4.134:60684 -> 10.2.3.10:443
>  ESTABLISHED:ESTABLISHED
> >>>    [1005467278 + 256] wscale 7  [2245470126 + 1117184] wscale 9
> >>>    age 60966:41:04, expires in 280894:34:40, 250677:343861 pkts,
> >>> 18984766:362137617 bytes, anchor 1308884992, rule 419430400
> >>>    id: effe296100000018 creatorid: e9c975c1 gateway: 0.0.0.0
> >>>    origif: ix0.167
> >>>
> >>> is it possible to fix it?
> >>>
> >>> Regards
> >>>
> >>
> >> Same on current.
> >
> > Thanks for the confirmation. It’s very likely fallout from the nvlist
> changes I did in that area recently.
> > It’s on my list for Monday. It’s likely to be fairly easy to fix.
> >
> This will be fixed as of e59eff9ad3285838730acf48f6d066cec0e53114 (in
> main).
> MFC to be done next week.
>
> Br,
> Kristof
>
>