netbsd-bugs: Re: kern/34799: IP Filter does not work correctly with gem(4) when hardware chec

Subject: Re: kern/34799: IP Filter does not work correctly with gem(4) when hardware chec
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: David H. GUTTERIDGE <dhgutteridge@sympatico.ca>
List: netbsd-bugs
Date: 10/18/2006 03:15:08

The following reply was made to PR kern/34799; it has been noted by GNATS.

From: "David H. GUTTERIDGE" <dhgutteridge@sympatico.ca>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: kern/34799: IP Filter does not work correctly with gem(4) when hardware chec
Date: Wed, 18 Oct 2006 02:02:05 +0000

 >  I'm having trouble reproducing this bug on my sparc64.  I assume I've 
 >made
 >  an error in mbuf handling.  Could you share your ipf.conf?
 
 Here's my ipf.conf:
 
 pass in quick on lo0 all
 pass out quick on lo0 all
 
 block return-rst in log quick proto tcp all
 block in log quick proto udp all
 block in log quick proto icmp all
 
 block out log quick all head 1
   pass out proto tcp from any to any flags S keep state keep frags group 1
   pass out proto udp from any to any keep state keep frags group 1
   pass out proto icmp from any to any keep state keep frags group 1
   block out log quick from any to 127.0.0.0/8 group 1
   block out log quick from any to 172.16.0.0/12 group 1
   block out log quick from any to 10.0.0.0/8 group 1
   block out log quick from any to 255.255.255.255/32 group 1
   block out log quick from any to 0.0.0.0/8 group 1
   block out log quick from any to 169.254.0.0/16 group 1
   block out log quick from any to 192.0.2.0/24 group 1
   block out log quick from any to 204.152.64.0/23 group 1
   block out log quick from any to 224.0.0.0/3 group 1
 
 Relevant ifconfig details are:
 
 gem0: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
         capabilities=66<TCP4CSUM,UDP4CSUM,TCP4CSUM_Rx,UDP4CSUM_Rx>
         enabled=6<TCP4CSUM,UDP4CSUM>
 
 Here is a transcript of a sample test I did:
 
 [root@arcusv:root]# ifconfig gem0 tcp4csum
 [root@arcusv:root]# ifconfig gem0 udp4csum
 [root@arcusv:root]# date
 Tue Oct 17 21:20:43 EDT 2006
 [root@arcusv:root]# ping www.onetbsd.org
 ping: Cannot resolve "www.onetbsd.org" (Host name lookup failure)
 [root@arcusv:root]# tail -1 /var/log/messages
 Oct 17 21:21:14 arcusv ipmon[255]: 21:21:13.891345 gem0 @0:3 b 
 arcus0.nonus-porta.net[192.168.1.6],domain -> 
 arcusv.nonus-porta.net[192.168.1.5],65532 PR udp len 20 150 IN bad
 [root@arcusv:root]# ifconfig gem0 -tcp4csum
 [root@arcusv:root]# ifconfig gem0 -udp4csum
 [root@arcusv:root]# ping www.onetbsd.org
 PING www.onetbsd.org (213.28.202.226): 56 data bytes
 64 bytes from 213.28.202.226: icmp_seq=0 ttl=236 time=322.561 ms
 64 bytes from 213.28.202.226: icmp_seq=1 ttl=236 time=165.242 ms
 64 bytes from 213.28.202.226: icmp_seq=2 ttl=236 time=164.031 ms
 ^C
 ----www.onetbsd.org PING Statistics----
 3 packets transmitted, 3 packets received, 0.0% packet loss
 round-trip min/avg/max/stddev = 164.031/217.278/322.561/91.180 ms
 
 Dave