From root@spotteswoode.dnsalias.org  Mon Jan 14 14:19:14 2008
Return-Path: <root@spotteswoode.dnsalias.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A2EF816A41A
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 14 Jan 2008 14:19:14 +0000 (UTC)
	(envelope-from root@spotteswoode.dnsalias.org)
Received: from mail-out03.broadnet-mediascape.de (mail-out03.broadnet-mediascape.de [62.206.1.20])
	by mx1.freebsd.org (Postfix) with SMTP id 366A313C4E5
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 14 Jan 2008 14:19:13 +0000 (UTC)
	(envelope-from root@spotteswoode.dnsalias.org)
Received: (qmail 26483 invoked by uid 111); 14 Jan 2008 13:52:31 -0000
Received: from 212.99.205.87 by mail-out03 (envelope-from <root@spotteswoode.dnsalias.org>, uid 104) with qmail-scanner-1.25 
 (trophie: 7.510-1002/943/21053.  
 Clear:RC:1(212.99.205.87):. 
 Processed in 0.183784 secs); 14 Jan 2008 13:52:31 -0000
Received: from d463cd57.datahighways.de (HELO spotteswoode.dnsalias.org) (212.99.205.87)
  by mail-out03.broadnet-mediascape.de with SMTP; 14 Jan 2008 13:52:30 -0000
Received: by spotteswoode.dnsalias.org (Postfix, from userid 0)
	id AFC047E5BF; Mon, 14 Jan 2008 14:52:30 +0100 (CET)
Message-Id: <20080114135230.AFC047E5BF@spotteswoode.dnsalias.org>
Date: Mon, 14 Jan 2008 14:52:30 +0100 (CET)
From: clemens fischer <ino-news@spotteswoode.dnsalias.org>
Reply-To: clemens fischer <ino-news@spotteswoode.dnsalias.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc: clemens fischer <ino-news@spotteswoode.dnsalias.org>
Subject: [pf] "queue (someq, empy_acks)" doesn't work
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         119661
>Category:       kern
>Synopsis:       [pf] "queue (someq, empy_acks)" doesn't work
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-pf
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan 14 14:20:02 UTC 2008
>Closed-Date:    Fri May 02 12:16:25 UTC 2008
>Last-Modified:  Fri May  2 12:20:04 UTC 2008
>Originator:     clemens fischer
>Release:        FreeBSD 7.0-PRERELEASE i386
>Organization:
>Environment:
System: FreeBSD spotteswoode.dnsalias.org 7.0-PRERELEASE
FreeBSD 7.0-PRERELEASE #4: Sat Dec 29 14:03:11 CET 2007
root@spotteswoode.dnsalias.org:/usr/obj/usr/src/sys/spott_fbsd7_i386
i386

>Description:

pf.conf(5) mentions the possibility of routing empty tcp acks or
low-delay packets using the notation "queue (some_queue, empty_acks)" in
any rule to expedite this type of packets.  there are also examples in
usr/share/examples/pf/ for this.  the feature doesn't work.

>How-To-Repeat:

try a ruleset like this:

  altq on nic0 bandwidth 1Mb cbq queue { dflt, background, interactive, tcp_ack }
  queue dflt bandwidth 15% cbq(default)
  queue interactive bandwidth 50% priority 5 cbq(borrow)
  queue background  bandwidth 30% priority 3 cbq(red)
  queue tcp_ack bandwidth 5% priority 7 cbq(borrow)
  ...
  pass out proto tcp from any to any \
    queue (interactive, tcp_ack)

this ruleset isn't parsed at all in that this rule doesn't appear in the
listing output by "pfctl -sa".  if the last line is changed to "queue
interactive", the rule is listed and works.

>Fix:

none known.  i bet it's the parser.

regards, clemens
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-pf 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Mon Jan 14 15:21:00 UTC 2008 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=119661 
State-Changed-From-To: open->feedback 
State-Changed-By: mlaier 
State-Changed-When: Mon Jan 14 16:26:05 UTC 2008 
State-Changed-Why:  
Works for me with the exact same rule.  Can you provide more details to 
freebsd-pf@ for discussion and analysis? 

http://www.freebsd.org/cgi/query-pr.cgi?pr=119661 

From: clemens fischer <ino-news@spotteswoode.dnsalias.org>
To: bug-followup@freebsd.org, ino-news@spotteswoode.dnsalias.org
Cc:  
Subject: Re: kern/119661: [pf] "queue (someq, empy_acks)" doesn't work
Date: Mon, 14 Jan 2008 20:02:47 +0100

 as it turns out, the BNF in pf.conf(5) is wrong and the rule listing by
 "pfctl -sa" gets it wrong, too.  the former doesn't imply a particular
 order of filter options and the latter displays them in a way that
 cannot be specified as input in etc/pf.conf.
 
 to get:
 
 pass out log (all) proto tcp from any to any flags S/SA modulate state \
   label "27: outbound tcp keep state" \
   queue(interactive, tcp_ack)
 
 you must write:
 
 pass out log (all) proto tcp from any to any modulate state \
   queue (interactive, tcp_ack) \
   label "$nr: outbound $proto keep state"
 
 if you reverse the order of "queue (...)" and "label ...", the rule
 doesn't get parsed at all with no error report.
 
 
 regards, clemens
State-Changed-From-To: feedback->open 
State-Changed-By: vwe 
State-Changed-When: Fri May 2 10:20:09 UTC 2008 
State-Changed-Why:  

Feedback has been provided. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=119661 
State-Changed-From-To: open->closed 
State-Changed-By: mlaier 
State-Changed-When: Fri May 2 12:15:18 UTC 2008 
State-Changed-Why:  
Sorry, but PRs are not a free "debug my ruleset"-service.  There is no bug 
here! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=119661 

From: Max Laier <max@love2party.net>
To: bug-followup@freebsd.org,
 ino-news@spotteswoode.dnsalias.org
Cc:  
Subject: Re: kern/119661: [pf] "queue (someq, empy_acks)" doesn't work
Date: Fri, 2 May 2008 14:10:37 +0200

 Sorry, still works for me:
 
  %echo 'pass out log (all) proto tcp from any to any flags S/SA modulate state label "27: outbound tcp keep state" queue(interactive, tcp_ack)' | pfctl -vvvf-
  Loaded 696 passive OS fingerprints
  @0 pass out log (all) proto tcp all flags S/SA modulate state label "27: outbound tcp keep state" queue(interactive, tcp_ack)
  %pfctl -vvsr
  @0 pass out log (all) proto tcp all flags S/SA modulate state label "27: outbound tcp keep state" queue(interactive, tcp_ack)
    [ Evaluations: 45        Packets: 0         Bytes: 0           States: 0     ]
    [ Inserted: uid 0 pid 1602 ]
 
 -- 
   Max
>Unformatted:
