kern/190102: [tcp] net.inet.tcp.drop_synfin=1 no longer works on FreeBSD 10+ [regression]
Eygene Ryabinkin
rea at freebsd.org
Thu May 29 08:10:01 UTC 2014
The following reply was made to PR kern/190102; it has been noted by GNATS.
From: Eygene Ryabinkin <rea at freebsd.org>
To: hiren panchasara <hiren.panchasara at gmail.com>
Cc: "freebsd-net at freebsd.org" <freebsd-net at freebsd.org>,
FreeBSD GNATS followup <bug-followup at freebsd.org>
Subject: Re: kern/190102: [tcp] net.inet.tcp.drop_synfin=1 no longer works on
FreeBSD 10+ [regression]
Date: Thu, 29 May 2014 12:00:05 +0400
--keyOwv2R5UpfANsk
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Wed, May 28, 2014 at 11:52:51PM -0700, hiren panchasara wrote:
> On Wed, May 28, 2014 at 10:46 PM, Eygene Ryabinkin <rea at freebsd.org> wrot=
e:
> > I assume that your pf(4) is enabled during these tests, you have
> > "scrub" statements in the ruleset and removing "scrub" will restore
> > the expected behaviour on 10.x?
>=20
> I can confirm that I see exactly what you are saying on a stable/10 box.
I had found 2 flavors of 9.x boxen: 9.1/9.2 that behave like 10.x and
some 9.0 that are dropping SYN|FIN even in the presence of "scrub".
The trouble is that the latter boxes are in full production, so I need
some time to try to reproduce that on the text box.
--=20
Eygene Ryabinkin ,,,^..^,,,
[ Life's unfair - but root password helps! | codelabs.ru ]
[ 82FE 06BC D497 C0DE 49EC 4FF0 16AF 9EAE 8152 ECFB | freebsd.org ]
--keyOwv2R5UpfANsk
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (FreeBSD)
iL4EABEKAGYFAlOG6QVfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl
bnBncC5maWZ0aGhvcnNlbWFuLm5ldDgyRkUwNkJDRDQ5N0MwREU0OUVDNEZGMDE2
QUY5RUFFODE1MkVDRkIACgkQFq+eroFS7PtX4gEAlfR1J3rriTRJrZSkZMvZ6wRP
jVK+1i9Qvupkk+wiooIA+wTk7wyrdGMlW6j/+7MmLcJN8buTeOAsUG18GJ9ef/AH
=xpit
-----END PGP SIGNATURE-----
--keyOwv2R5UpfANsk--
More information about the freebsd-net
mailing list