From hsn@sendmail.cz  Mon Aug 20 11:26:02 2007
Return-Path: <hsn@sendmail.cz>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 7BF1416A417
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 20 Aug 2007 11:26:02 +0000 (UTC)
	(envelope-from hsn@sendmail.cz)
Received: from smtp-out4.iol.cz (smtp-out4.iol.cz [194.228.2.92])
	by mx1.freebsd.org (Postfix) with ESMTP id 1190813C45B
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 20 Aug 2007 11:25:57 +0000 (UTC)
	(envelope-from hsn@sendmail.cz)
Received: from antivir6.iol.cz (unknown [192.168.30.215])
	by smtp-out4.iol.cz (Postfix) with ESMTP id 1521916492F
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 20 Aug 2007 11:25:56 +0000 (UTC)
Received: from localhost (antivir6.iol.cz [127.0.0.1])
	by antivir6.iol.cz (Postfix) with ESMTP id 3E954260040
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 20 Aug 2007 13:25:55 +0200 (CEST)
Received: from antivir6.iol.cz ([127.0.0.1])
	by localhost (antivir6.iol.cz [127.0.0.1]) (amavisd-new, port 10224)
	with LMTP id 7k6w5eBrzT7p for <FreeBSD-gnats-submit@freebsd.org>;
	Mon, 20 Aug 2007 13:25:55 +0200 (CEST)
Received: from smtp-out4.iol.cz (mta-out4 [192.168.30.31])
	by antivir6.iol.cz (Postfix) with ESMTP id 00734260036
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 20 Aug 2007 13:25:54 +0200 (CEST)
Received: from sanatana.dharma (234.114.broadband5.iol.cz [88.100.114.234])
	by smtp-out4.iol.cz (Postfix) with ESMTP id 1F45547E9C
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 20 Aug 2007 13:25:52 +0200 (CEST)
Received: from hsn-sf@localhost
	by sanatana.dharma (Exim 4.67_0 FreeBSD) id 1IN5OG-000Dn3-72
	; Mon, 20 Aug 2007 13:25:48 +0200
Message-Id: <E1IN5OG-000Dn3-72@sanatana.dharma>
Date: Mon, 20 Aug 2007 13:25:48 +0200
From: Radim Kolar <hsn@netmag.cz>
Sender: "Radim Kolar SF.NET" <hsn-sf@sanatana.iol.cz>
Reply-To: Radim Kolar <hsn@netmag.cz>
To: FreeBSD-gnats-submit@freebsd.org
Cc: hsn@sendmail.cz 
Subject: [net] [pf] pfctl -k dont works
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         115640
>Category:       kern
>Synopsis:       [net] [pf] pfctl -k dont works
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-pf
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Aug 20 11:30:01 GMT 2007
>Closed-Date:    Wed Nov 21 22:23:32 UTC 2007
>Last-Modified:  Wed Nov 21 22:23:32 UTC 2007
>Originator:     Radim Kolar
>Release:        FreeBSD 6.2-RELEASE i386
>Organization:
>Environment:
System: FreeBSD sanatana.dharma 6.2-RELEASE FreeBSD 6.2-RELEASE #1: Sun Jan 14 11:36:17 CET 2007 root@sanatana.dharma:/usr/obj/usr/src/sys/UP i386


	
>Description:
pfctl -k dont works. no states are killed. i tested same stuff on
openbsd 4.1 and it works there.
	
>How-To-Repeat:
(hsn@ttyp1):~% sudo pfctl -s state
No ALTQ support in kernel
ALTQ related functions disabled
self tcp 10.0.0.2:22 <- 10.0.0.3:3614       ESTABLISHED:ESTABLISHED
self tcp 10.0.0.2:22 <- 10.0.0.3:3153       ESTABLISHED:ESTABLISHED
self tcp 10.0.0.2:3128 <- 10.0.0.3:2704       ESTABLISHED:ESTABLISHED
self tcp 10.0.0.2:3128 <- 10.0.0.3:2746       FIN_WAIT_2:FIN_WAIT_2
self tcp 10.0.0.2:3128 <- 10.0.0.3:2747       FIN_WAIT_2:FIN_WAIT_2
self tcp 10.0.0.2:53883 -> 72.14.221.17:80       ESTABLISHED:ESTABLISHED
self tcp 10.0.0.2:52929 -> 72.14.221.18:80       FIN_WAIT_2:FIN_WAIT_2
self tcp 10.0.0.2:54132 -> 64.233.183.99:80       FIN_WAIT_2:FIN_WAIT_2
self tcp 10.0.0.2:61930 -> 64.213.200.101:80       FIN_WAIT_2:FIN_WAIT_2
self tcp 10.0.0.2:5432 <- 216.139.224.106:56918       ESTABLISHED:ESTABLISHED
(hsn@ttyp1):~% sudo pfctl -k 216.139.224.106 -k 10.0.0.2
No ALTQ support in kernel
ALTQ related functions disabled
killed 0 states from 1 sources and 1 destinations
(hsn@ttyp1):~% sudo pfctl -k 216.139.224.106
No ALTQ support in kernel
ALTQ related functions disabled
killed 0 states from 1 sources and 0 destinations

dump of network configuration:
fxp0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        options=8<VLAN_MTU>
        ether 00:a0:c9:0f:97:1e
        media: Ethernet manual
ed0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        ether 00:00:01:02:20:56
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
        inet 127.0.0.2 netmask 0xff000000
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 10.0.0.2 netmask 0xffffff00 broadcast 10.0.0.255
        ether fe:d0:a2:b9:14:84
        priority 32768 hellotime 2 fwddelay 15 maxage 20
        member: tap0 flags=3<LEARNING,DISCOVER>
        member: ed0 flags=3<LEARNING,DISCOVER>
        member: fxp0 flags=3<LEARNING,DISCOVER>
tap0: flags=8942<BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        ether 00:bd:9d:cd:89:00
        Opened by PID 42886
>Fix:
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-pf 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Tue Aug 21 11:12:08 UTC 2007 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=115640 
State-Changed-From-To: open->closed 
State-Changed-By: pav 
State-Changed-When: Wed Nov 21 22:23:10 UTC 2007 
State-Changed-Why:  
Submitter reports the bugs are fixed in 7.0-PRE. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=115640 
>Unformatted:
