From nobody Tue Aug 20 14:15:27 2024
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WpBM55zwmz5TCKH
	for <net@mlmmj.nyi.freebsd.org>; Tue, 20 Aug 2024 14:15:29 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4WpBM54rFqz4jvY
	for <net@FreeBSD.org>; Tue, 20 Aug 2024 14:15:29 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724163329; a=rsa-sha256; cv=none;
	b=YbBD01zdnHgqEEJooNcZsZHy0Sn4JdwhJ7uxzs/0Vhhp1UxofL000vbTWroWpL0kLRkOLi
	GQOs+Dmkj2tMvg97gA4xs7jjeRKvIst93+PVp3JvbxlUUnVYFZHG9T/F8xKcxMRQlgYMmZ
	0XBVzAlrzQVj2N+rdDMWfQ9GOjpbdczecw+hn3AlWTT2aYeig81gQRn4t0zD+zaHnrmQUE
	fmUoHP4RAPHltoqqA8+AWl+C4cLvFRdw9uDbRjw2KFhQWBVqQ1+/RF5fdGRdNxBHbjQoOf
	NgyDpjJZxzfqh0pQ76LeSCI6YufRcoH86dXdq8/rPBWS2Atg/HgP9TaXIjwhpw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1724163329;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=iMUHOjWt3pxZluhDbkYfu2Wdw9bgkSzQsBKreo+zGb8=;
	b=N0Fa3nI2WyrghZQP+yBTAoc3Rt8b93aEqNKadChNXhJsUXo9Fg8W9eSW8Ct+DdIH11xehF
	rpkxbeTwaqMFtoL7Rn23QehLBNJ5rKcVYkq/0T5My7KFb3/rTD2TgIIcoNq/P+WDfa5Xup
	5WL6TrAquTKWynLmv3mu2bIkOa7kYYFamM4Ts5GlvUc/azI/PJHr147KXPVkMuclK3kyRH
	xeKZDj/qqW++jVxKjlLi4EIipkr1vtvLxeDM+rlEy0KJz+4mWc5QtSpM/0whRsbDB5smlV
	zpb7P9I5ZozN19QC56vSp1Z0sZpTHOAHZs9CrOD+HaiOmcnVvxbJ3Xv5YzRqXw==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WpBM54QDqz13mS
	for <net@FreeBSD.org>; Tue, 20 Aug 2024 14:15:29 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
	by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47KEFT06081410
	for <net@FreeBSD.org>; Tue, 20 Aug 2024 14:15:29 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
	by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47KEFTnZ081409
	for net@FreeBSD.org; Tue, 20 Aug 2024 14:15:29 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 280701] FreeBSD-SA-24:05 fix breaks ICMP/ICMP6 states handling
 in pf firewall (ping, traceroute)
Date: Tue, 20 Aug 2024 14:15:27 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 14.1-RELEASE
X-Bugzilla-Keywords: regression
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: franco@opnsense.org
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-280701-7501-4EUzSPVZHS@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@FreeBSD.org
MIME-Version: 1.0

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280701

--- Comment #21 from Franco Fichtner <franco@opnsense.org> ---
Both extra patches combined look promising.  There are some conflicting rep=
orts
on whether they fix all edge cases:

1. mtr may still have issues.
2. IPv6 ICMP ping packets appear to be dropped sometimes.
3. Client devices (Android and Chromecast) disconnecting sporadically.

Both things are confirmed working on kernels prior to this SA or when rever=
ted.

In the spirit of moving this along we will ship the fixes instead of reverts
and will be happy to assist with remaining issues if they persist.


Cheers,
Franco

--=20
You are receiving this mail because:
You are the assignee for the bug.=