From nobody Fri Mar 17 13:51:47 2023 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PdQXg3xzDz3yPNh for ; Fri, 17 Mar 2023 13:51:47 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PdQXg2wTFz3xtr for ; Fri, 17 Mar 2023 13:51:47 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1679061107; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=cMUG2GKMskpKWigjM6aVHU4XW4pcKi5k7hvoEjwRAjU=; b=KiRNXrSLPB9lW6IkH6VO+o1qtK95MS8GR+pitAFeywHYWgSC+xgpqmSCjZaqOdfqqYGmf/ 11MgVbCIbl8yi+gLraWWtbAd2AbEqtgDrIx1CtA37Qn8Q75PUx6zbiqCLZTIW9GRawEmHX YMOE8HCdp84HgSwxD6z2WkwHk6Bv49761+wgkDtic/ikoBcCsTdVDK1g6ZG5uwbLSP4zEf bM/CW4FFzlJCL15pFdr02HYMLQWuydIfDUMaRcWl0MruOICdGmuB+d6d7ps0p8zserMeu8 jAEPTHJ7Rft4H5nQADMAdSmBubCzXw4xF4355ZtKdiVRnj6v8BV3Du5x4i/snw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1679061107; a=rsa-sha256; cv=none; b=RMuY5wzprm4D2r6KHhQ+igSKTu94rOpmntg0TNboQBlbQibOdNoYA7l4KKsTl4g6PcAK1b 4B3bCih+4AWkk7z6eivl8Dr+6ekKRQXQuXbjp81Ql58jG9/0nkXcjjbl/EBjhuhpdyhGf4 1D091EN0zpZSxMh5CPolNxqYr8FJRojR2OPrfIOKYffLbFs6MzHw9tFnwx3CxU4mn7LE1W s2NkVQwTdggWGOb17E8n35baInvhOBPjoQLfkKMNINErKkwxUB0eqXdQxRDuE7f3T9cBIA YuNzZi4LH1H79fAjOi0n92psqHOREGDD6XmBuvlMPMlrcMgYsZ4hxTm7yn2WKw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PdQXg1x15zSwd for ; Fri, 17 Mar 2023 13:51:47 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 32HDplad009096 for ; Fri, 17 Mar 2023 13:51:47 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 32HDplDv009095 for net@FreeBSD.org; Fri, 17 Mar 2023 13:51:47 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 270285] Network issue with very small frames (tcp, padded) Date: Fri, 17 Mar 2023 13:51:47 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.3-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: mhaarmann@midoco.de X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D270285 --- Comment #5 from Marcus Haarmann --- reproduced some minutes ago, without haproxy, direct call to fetch: The following frame was received: 0000 a0 36 9f 5f 90 42 e2 84 72 d3 14 5c 08 00 45 00 0010 00 2d cb 45 40 00 40 06 bc 08 c0 a8 19 29 c0 a8 0020 19 03 00 50 2b d2 a6 44 37 b5 d6 94 85 ed 50 18 0030 a4 cf d8 4e 00 00 b0 b9 89 d3 de 00 (padded with a single 00 byte), content was 5 bytes (b0 b9 89 d3 de). Next packet received: 0000 a0 36 9f 5f 90 42 e2 84 72 d3 14 5c 08 00 45 00 .6._.B..r..\..E. 0010 05 dc cb 46 40 00 40 06 b6 58 c0 a8 19 29 c0 a8 ...F@.@..X...).. 0020 19 03 00 50 2b d2 a6 44 37 ba d6 94 85 ed 50 10 ...P+..D7.....P. 0030 a4 cf 22 8b 00 00 5e 2c 5b ad de 09 e6 d0 27 59 .."...^,[.....'Y (data starts with 0x5e 0x2c ....) Resulting defect (hex dump of defect file vs. correct file): 000eeac0 bd ec e8 40 92 5f 88 ef ed dd 10 7c 3e 88 a3 23 |=C5=93=C3=AC= =C3=A8@._.=C3=AF=C3=AD=C3=9D.|>.=C2=A3#| 000eead0 e8 6c 67 b0 b9 89 d3 de 00 5e 2c 5b ad de 09 e6 |=C3=A8lg=C2=B0= =C2=B9.=C3=93=C3=9E.^,[=C2=AD=C3=9E.=C3=A6| 000eeae0 d0 27 59 1e f7 57 56 42 b3 db 91 18 1b 43 d2 eb |=C3=90'Y.=C3= =B7WVB=C2=B3=C3=9B...C=C3=92=C3=AB| 000eeac0 bd ec e8 40 92 5f 88 ef ed dd 10 7c 3e 88 a3 23 |=C5=93=C3=AC= =C3=A8@._.=C3=AF=C3=AD=C3=9D.|>.=C2=A3#| 000eead0 e8 6c 67 b0 b9 89 d3 de 5e 2c 5b ad de 09 e6 d0 |=C3=A8lg=C2=B0= =C2=B9.=C3=93=C3=9E^,[=C2=AD=C3=9E.=C3=A6=C3=90| 000eeae0 27 59 1e f7 57 56 42 b3 db 91 18 1b 43 d2 eb 85 |'Y.=C3=B7WVB= =C2=B3=C3=9B...C=C3=92=C3=AB.| The wrong byte was inserted between 0xde and 0x5e. This is the local file constructed by a fetch http:.... command=20 executed directly on the firewall. If you say that a package of this kind is fully ok, which is also my understanding of the padding mechanism here, then the kernel should not for= ward this padding byte to user space. I am not aware that the pfsense people to some kind of mangling. In this reduced setup, only the LAN adapter is touched, no forwarding occurs. Outpu= t is directly saved in the file. --=20 You are receiving this mail because: You are the assignee for the bug.=