Re: possible regression handling packet fragmentation in 14.0 with tftp/pxe
Date: Wed, 24 Apr 2024 05:54:17 UTC
Am Tue, 23 Apr 2024 09:50:33 -0500 schrieb Matthew Grooms <mgrooms@shrew.net>: > Sorry. I didn't missed some of the previous details here, but I see you > mention pf below. Did you happen to see this? > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=276856 Ah, great. No, I hadn't seen that before, thanks. This certainly looks like it might be the cause of the issue I see, although I'm not sure I fully understand the situation. What I get so far is that * 14.0 does not reassemble packets by default anymore when using scrub while 13.x did * 14.0 silently drops fragmented packets by default where 13.x didn't Is that correct? That would probably explain why tftp couldn't pass my vpn tunnel anymore. What I am using in my pf.conf is a simple --- scrub in all --- From the bug report I get that either using --- scrub fragment reassemble --- or --- set reassemble yes --- should be able to fix this and get the old behaviour back? I remember playing with the "scrub fragment" option last week, but maybe I didn't try to explicitely turn it on as that was described as default in the manpage. Anyway, I'll look into this again, thank you very much for the pointer. One more question: Looking at the linked reviews: https://reviews.freebsd.org/D42355 https://reviews.freebsd.org/D42270 These appear to address the issue. I can get to the actual commit from the review: https://reviews.freebsd.org/rGede5d4ff5b39ccbc193c30fb6c093c7c4de9a464 Is there an easy way to find out where this commit ends up, i.e., whether it is merged into 14.0, 14.1 or so? cu Gerrit