Re: git: e3ba0d6adde3 - main - inpcb: do not copy so_options into inp_flags2
Date: Mon, 14 Aug 2023 20:33:51 UTC
On 27.07.23 05:51, Gleb Smirnoff wrote: > The branch main has been updated by glebius: > > URL: https://cgit.FreeBSD.org/src/commit/?id=e3ba0d6adde3c694f46a30b3b67eba43a7099395 > > commit e3ba0d6adde3c694f46a30b3b67eba43a7099395 > Author: Gleb Smirnoff <glebius@FreeBSD.org> > AuthorDate: 2023-07-27 03:35:41 +0000 > Commit: Gleb Smirnoff <glebius@FreeBSD.org> > CommitDate: 2023-07-27 03:35:42 +0000 > > inpcb: do not copy so_options into inp_flags2 > > Since f71cb9f74808 socket stays connnected with inpcb through latter's > lifetime and there is no reason to complicate things and copy these > flags. > > Reviewed by: markj > Differential Revision: https://reviews.freebsd.org/D41198 Hi Gleb, this commit is causing issues on my mail server. Some incoming connections would just hang, email would stay in the queue of the remote server for hours. Repeated telnet/nc to port 25 would just hang. Some connections do come trough though. I wasn't able to determine a pattern. I'm running postfix 3.8.1 in a bhyve VM and forward port 25 using pf. rdr pass on $ext_if proto tcp from any to 88.x.y.53 port 25 -> 10.211.11.3 port 25 The packets do arrive in the VM, but for some reason the packets aren't accepted. There are no firewalls enabled in the VM itself. 19:47:50.857299 IP 5.x.y.18.34283 > 10.211.11.3.25: Flags [S], seq 65535, win 0, length 0 19:47:51.573109 IP 5.x.y.18.33457 > 10.211.11.3.25: Flags [S], seq 65535, win 0, length 0 19:47:52.702420 IP 5.x.y.18.35528 > 10.211.11.3.25: Flags [S], seq 65535, win 0, length 0 19:47:55.856822 IP 5.x.y.18.34283 > 10.211.11.3.25: Flags [S], seq 65535, win 0, length 0 flo@mail:~ % netstat -an|grep 5.x.y.18 flo@mail:~ % sockstat -l -p 25 -P tcp USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS postfix postscreen 980 6 tcp4 *:25 *:* postfix postscreen 980 7 tcp6 *:25 *:* root master 973 13 tcp4 *:25 *:* root master 973 14 tcp6 *:25 *:* vtnet0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 options=80028<VLAN_MTU,JUMBO_MTU,LINKSTATE> ether 58:9c:fc:0e:ca:cb inet 10.211.11.3 netmask 0xffffff00 broadcast 10.211.11.255 I'm now running head from today with only e3ba0d6adde3 reverted, and everything is working fine again. I also verified that unmodified a43e7a96b64e works, but this commit does not. For some reason I did not notice any other ill effect with http(s) or ssh sessions to VMs on this server, but most of them are v6 and not NATed. What else do you need to debug this? Florian