Page MenuHomeFreeBSD
People ae

ae (Andrey V. Elsukov)
User

Projects

User Details

User Since
Jun 4 2014, 7:25 AM (628 w, 2 d)

Recent Activity
View All

Tue, Jun 16

ae accepted D57394: syslogd: Handle connection errors when setting up forwarding sockets.

Still works. :)

Tue, Jun 16, 9:40 AM

Mon, Jun 15

ae added a comment to D57394: syslogd: Handle connection errors when setting up forwarding sockets.

This seems to works now. I compared output of sockstat -46wn after reboot and after service syslogd restart - they seem the same.

Mon, Jun 15, 7:30 AM

Thu, Jun 11

ae added a comment to D57394: syslogd: Handle connection errors when setting up forwarding sockets.

I tested the case when syslogd started after bird and it can do it without patch. But we lose some messages.
I also tried to add fake routes before syslogd start and remove them just after it started. But since connect(2) does source address selection for local endpoint, this leads to binding to wrong source address.
Currently I see only two solutions:

  1. Rollback all commits to a point before migration to capability mode support and stay with old implementation.
  2. Use rsyslogd as full replacement or use it to listen on local port and forward to remote endpoints.
Thu, Jun 11, 12:54 PM

Thu, Jun 4

ae added a comment to D51635: dbm_nextkey: Always return an error if we've reached the end of the database.

I think this commit breaks the case, when cursor is not yet set:

R_NEXT  Retrieve the key/data pair immediately after the cursor.
        If the cursor is not yet set, this is the same as the
        R_FIRST flag.

at least we found that now it is required to pass R_FIRST in the read loop:

+       flags = R_FIRST;
-       while ((ret = dbh->seq(dbh, &keycol, &valuecol, R_NEXT)) == 0) {
+       while ((ret = dbh->seq(dbh, &keycol, &valuecol, flags)) == 0) {
+               if (flags == R_FIRST)
+                       flags = R_NEXT;

otherwise the application didn't see any entries in db file.

Thu, Jun 4, 12:14 PM

Wed, Jun 3

ae added a comment to D57394: syslogd: Handle connection errors when setting up forwarding sockets.

No, it doesn't help.

17146 syslogd  CALL  socket(PF_INET6,0x10000002<SOCK_DGRAM|SOCK_CLOEXEC>,IPPROTO_UDP)
17146 syslogd  RET   socket 5
17146 syslogd  CALL  connect(0x5,0x23c6f2034820,0x1c)
17146 syslogd  STRU  struct sockaddr { AF_INET6, [2a02:XXX::XXX]:1 }
17146 syslogd  RET   connect -1 errno 65 No route to host
17146 syslogd  CALL  close(0x5)
17146 syslogd  RET   close 0
17146 syslogd  CALL  socket(PF_INET,0x10000002<SOCK_DGRAM|SOCK_CLOEXEC>,IPPROTO_UDP)
17146 syslogd  RET   socket 5
17146 syslogd  CALL  connect(0x5,0x23c6f2034820,0x10)
17146 syslogd  STRU  struct sockaddr { AF_INET, 141.XXX.XXX.XXX:1 }
17146 syslogd  RET   connect -1 errno 51 Network is unreachable
17146 syslogd  CALL  close(0x5)
17146 syslogd  RET   close 0
17146 syslogd  CALL  socket(PF_INET6,0x2<SOCK_DGRAM>,IPPROTO_IP)
17146 syslogd  RET   socket 5
17146 syslogd  CALL  setsockopt(0x5,SOL_SOCKET,SO_REUSEPORT,0x23c6f20349fc,0x4)
17146 syslogd  RET   setsockopt 0
17146 syslogd  CALL  bind(0x5,0x4b0c58c436d8,0x1c)
17146 syslogd  STRU  struct sockaddr { AF_INET6, [::]:514 }
17146 syslogd  RET   bind 0
17146 syslogd  CALL  connect(0x5,0x4b0c58c132b0,0x1c)
17146 syslogd  STRU  struct sockaddr { AF_INET6, [2a02:XXX::XXX]:514 }
17146 syslogd  RET   connect -1 errno 65 No route to host
17146 syslogd  CALL  close(0x5)
17146 syslogd  RET   close 0
17146 syslogd  CALL  socket(PF_INET6,0x2<SOCK_DGRAM>,IPPROTO_IP)
17146 syslogd  RET   socket 5
17146 syslogd  CALL  connect(0x5,0x4b0c58c132b0,0x1c)
17146 syslogd  STRU  struct sockaddr { AF_INET6, [2a02:XXX::XXX]:514 }
17146 syslogd  RET   connect -1 errno 65 No route to host
17146 syslogd  CALL  close(0x5)
17146 syslogd  RET   close 0
17146 syslogd  CALL  socket(PF_INET,0x2<SOCK_DGRAM>,IPPROTO_IP)
17146 syslogd  RET   socket 5
17146 syslogd  CALL  setsockopt(0x5,SOL_SOCKET,SO_REUSEPORT,0x23c6f20349fc,0x4)
17146 syslogd  RET   setsockopt 0
17146 syslogd  CALL  bind(0x5,0x4b0c58c4f0c8,0x10)
17146 syslogd  STRU  struct sockaddr { AF_INET, 0.0.0.0:514 }
17146 syslogd  RET   bind 0
17146 syslogd  CALL  connect(0x5,0x4b0c58c12230,0x10)
17146 syslogd  STRU  struct sockaddr { AF_INET, 141.XXX.XXX.XXX:514 }
17146 syslogd  RET   connect -1 errno 51 Network is unreachable
17146 syslogd  CALL  close(0x5)
17146 syslogd  RET   close 0
17146 syslogd  CALL  socket(PF_INET,0x2<SOCK_DGRAM>,IPPROTO_IP)
17146 syslogd  RET   socket 5
17146 syslogd  CALL  connect(0x5,0x4b0c58c12230,0x10)
17146 syslogd  STRU  struct sockaddr { AF_INET, 141.XXX.XXX.XXX:514 }
17146 syslogd  RET   connect -1 errno 51 Network is unreachable
17146 syslogd  CALL  close(0x5)
17146 syslogd  RET   close 0
17146 syslogd  CALL  write(0x2,0x23c6f2034250,0x9)
17146 syslogd  GIO   fd 2 wrote 9 bytes
      "syslogd: "
17146 syslogd  RET   write 9
17146 syslogd  CALL  write(0x2,0x23c6f2034340,0x3a)
17146 syslogd  GIO   fd 2 wrote 58 bytes
      "failed to create forwarding socket for HOSTNAME.DOMAIN"
17146 syslogd  RET   write 58/0x3a
17146 syslogd  CALL  write(0x2,0x23c6f7472107,0x1)
17146 syslogd  GIO   fd 2 wrote 1 byte
      "
      "
17146 syslogd  RET   write 1
17146 syslogd  CALL  _exit(0x1)

As I understand, due to capability mode we cannot use sendto and connect when syslogd is already started and configured.
Probably, specified address is not reachable during boot time and its route will appear when routing daemon will start.
But bird has # REQUIRE: DAEMON in its startup script and it will start much later.

Wed, Jun 3, 7:27 AM

Fri, May 29

ae committed rGd2e63a095193: ipfw: fix parsing error in nat config port_range (authored by terehovv_mail.ru).
ipfw: fix parsing error in nat config port_range
Fri, May 29, 8:05 AM
ae committed rG33cafd3fadd0: ipfw: fix parsing error in nat config port_range (authored by terehovv_mail.ru).
ipfw: fix parsing error in nat config port_range
Fri, May 29, 8:04 AM

Mon, May 25

ae committed rG7ba922959d7e: ipfw: treat ipv6 address with zero mask as 'any' (authored by ae).
ipfw: treat ipv6 address with zero mask as 'any'
Mon, May 25, 7:07 AM
ae committed rG9acea8aa36e9: ipfw: treat ipv6 address with zero mask as 'any' (authored by ae).
ipfw: treat ipv6 address with zero mask as 'any'
Mon, May 25, 7:06 AM

Thu, May 21

ae committed rG6eba055fcf5b: ipfw: fix parsing error in nat config port_range (authored by terehovv_mail.ru).
ipfw: fix parsing error in nat config port_range
Thu, May 21, 8:11 AM
ae closed D57010: sbin/ipfw: fix parsing error in nat config port_range.
Thu, May 21, 8:11 AM

May 19 2026

ae committed rG8b10555b6b70: ipfw: fix IPv6 flow label matching (authored by lytboris_gmail.com).
ipfw: fix IPv6 flow label matching
May 19 2026, 7:28 AM

May 17 2026

ae committed rG2872268c7f6d: ipfw: treat ipv6 address with zero mask as 'any' (authored by ae).
ipfw: treat ipv6 address with zero mask as 'any'
May 17 2026, 10:16 AM
ae closed D56618: ipfw: treat ipv6 address with zero mask as 'any'.
May 17 2026, 10:15 AM

May 15 2026

ae updated the diff for D56618: ipfw: treat ipv6 address with zero mask as 'any'.

Add tests.

May 15 2026, 9:37 AM

May 12 2026

ae committed rG3d39eadcdeb3: ipfw: fix IPv6 flow label matching (authored by lytboris_gmail.com).
ipfw: fix IPv6 flow label matching
May 12 2026, 7:49 AM
ae closed D56869: Fix IPv6 flow label match in ipfw.
May 12 2026, 7:49 AM

May 7 2026

ae added a reviewer for D56869: Fix IPv6 flow label match in ipfw: network.
May 7 2026, 4:52 PM
ae committed rG81df9a1045c3: etcupdate: fix arguments order of diff command (authored by lytboris_gmail.com).
etcupdate: fix arguments order of diff command
May 7 2026, 12:12 PM
ae committed rG4e57c937999d: etcupdate: fix arguments order of diff command (authored by lytboris_gmail.com).
etcupdate: fix arguments order of diff command
May 7 2026, 12:09 PM

May 6 2026

ae accepted D56797: defaultroute: fix dual-stack and IPv6-only handling.
May 6 2026, 11:37 AM · rc, network

Apr 30 2026

ae committed rG6d65c91b9a47: etcupdate: fix arguments order of diff command (authored by lytboris_gmail.com).
etcupdate: fix arguments order of diff command
Apr 30 2026, 11:38 AM
ae closed D56708: Fix etcupdate diff with POSIXLY_CORRECT set, add option to list changes files.
Apr 30 2026, 11:38 AM

Apr 24 2026

ae updated the summary of D56618: ipfw: treat ipv6 address with zero mask as 'any'.
Apr 24 2026, 1:08 PM
ae requested review of D56618: ipfw: treat ipv6 address with zero mask as 'any'.
Apr 24 2026, 1:06 PM

Apr 9 2026

ae committed rG4b6de64b99b9: ipfw_nptv6: fix handling the ifaddr removal event (authored by ae).
ipfw_nptv6: fix handling the ifaddr removal event
Apr 9 2026, 8:37 AM
ae committed rGbdad7024181b: ipfw_nptv6: fix handling the ifaddr removal event (authored by ae).
ipfw_nptv6: fix handling the ifaddr removal event
Apr 9 2026, 8:36 AM

Apr 2 2026

ae committed rGd9d7b5948649: ipfw_nptv6: fix handling the ifaddr removal event (authored by ae).
ipfw_nptv6: fix handling the ifaddr removal event
Apr 2 2026, 10:25 AM

Mar 31 2026

ae accepted D56176: gif: use hashalloc(9).
Mar 31 2026, 8:38 AM

Mar 29 2026

ae accepted D56133: nd6: Ignore entire PI if violates RFC 4862 section 5.5.3.
Mar 29 2026, 5:00 PM
ae added a comment to D56130: nd6: break nd6_prefix_update out of prelist_update.
In D56130#1283954, @pouria wrote:

For reviewers:
The whole revision stack will reduce PI code complexity and fix multiple issues along the way.
I also wrote additional tests in D56128 to make sure everything works as intended.

Mar 29 2026, 3:28 PM

Mar 24 2026

ae committed rGa9b93531788c: ipfw: add support for masked ip-address lookups (authored by lytboris_gmail.com).
ipfw: add support for masked ip-address lookups
Mar 24 2026, 9:35 AM

Mar 11 2026

ae added a comment to D55804: carp: retire ioctl(2) API.

Also, there are some references in carp(4) man page and ifconfig code.

Mar 11 2026, 10:25 AM

Mar 1 2026

ae committed rG32cd3ee5901e: ipfw: add support for masked ip-address lookups (authored by lytboris_gmail.com).
ipfw: add support for masked ip-address lookups
Mar 1 2026, 7:06 PM
ae closed D53694: [ipfw] Add support for masked ip-address lookups.
Mar 1 2026, 7:06 PM
ae accepted D55599: netinet6: Tear down IPv6 source address selection policies with rest of IPv6..
Mar 1 2026, 8:09 AM

Feb 27 2026

ae added a comment to D55558: fix global demotion counter to VRRP advertisements.
In D55558#1271208, @bms wrote:

Just my 2c: I think we should be discouraging users from implementing CARP at all.

Feb 27 2026, 7:26 PM
ae accepted D55546: gre: unbreak LINT-NOINET.

LGTM.

Feb 27 2026, 10:28 AM

Feb 20 2026

ae added a comment to D55398: if_gre: make access to softc's data safe in network epoch.
In D55398#1267078, @pouria wrote:

I don't understand why we need a separate data structure (priv).

Feb 20 2026, 4:24 PM
ae published D55398: if_gre: make access to softc's data safe in network epoch for review.
Feb 20 2026, 2:54 PM

Feb 10 2026

ae committed rG704ec5e68c44: ipfw: add ability to run ipfw(8) binary with 15.0+ kernel module (authored by lytboris_gmail.com).
ipfw: add ability to run ipfw(8) binary with 15.0+ kernel module
Feb 10 2026, 12:08 PM
ae closed D54763: Make sbin/ipfw on RELENG_14 compatible to ipfw kernel module on RELENG_15+.
Feb 10 2026, 12:07 PM

Feb 6 2026

ae added a comment to D54443: if_gre: Add netlink support with tests.
In D54443#1260647, @pouria wrote:

I see no problems with this patch alongside my changes.
We have a minor conflict, which I resolved at github.
Also, AFAICU, I don't need to use priv instead of softc for netlink because I didn't touch the data plane.
Your code will synchronize priv and softc together so there should be no problem to directly using the softc.

Should I do anything else?

Feb 6 2026, 12:05 PM

Feb 5 2026

ae added a comment to D54443: if_gre: Add netlink support with tests.

Can you take a look at this patch? Maybe you can reuse some pieces, it should fix 275474 and also make access to softc in a safer way.

Feb 5 2026, 2:03 PM

Jan 16 2026

ae added a comment to D54726: netinet6: embed struct scope6_id into struct in6_ifextra.

Do we still need this? I think scope modification ability was not used/implemented since KAME import.

Jan 16 2026, 11:46 AM

Jan 12 2026

ae added inline comments to D54535: ipfw: make the upper half lock sleepable.
Jan 12 2026, 11:11 AM

Jan 11 2026

ae accepted D54562: in6: Modify address prefix lifetimes when updating address lifetimes.

LGTM.

Jan 11 2026, 9:49 AM
ae accepted D54579: tests/ipfw: add a simple fuzzing test for ipfw tables.
Jan 11 2026, 9:38 AM

Dec 22 2025

ae added a comment to D54325: sys/netipsec: ensure sah stability during input callback processing.

I think you should note that this fixes some rare panics, that are reported in derived projects: panic: esp_input_cb: Unexpected address family

Dec 22 2025, 12:24 PM
ae accepted D54325: sys/netipsec: ensure sah stability during input callback processing.
Dec 22 2025, 12:23 PM

Dec 11 2025

ae accepted D53875: ipfw: create "ipfw0" and "ipfwlog0" bpf tapping points without ifnet(9).
Dec 11 2025, 5:33 PM

Dec 10 2025

ae accepted D53877: ipfw: create a bpf tap point for every log rule.
Dec 10 2025, 4:41 PM

Dec 3 2025

ae accepted D54011: ipdivert: Use CK_SLISTs for the divcb hash table.
Dec 3 2025, 1:38 AM

Nov 24 2025

ae added inline comments to D53877: ipfw: create a bpf tap point for every log rule.
Nov 24 2025, 9:28 PM
ae committed rGff3c48a64fe2: ipfw: fix lookup dst-ip opcode (authored by lytboris_gmail.com).
ipfw: fix lookup dst-ip opcode
Nov 24 2025, 8:29 PM

Nov 18 2025

ae committed rG8012c61bef3b: ipfw: fix lookup dst-ip opcode (authored by lytboris_gmail.com).
ipfw: fix lookup dst-ip opcode
Nov 18 2025, 10:39 AM
ae closed D53775: [ipfw] Unbreak lookup src/dst-ip.
Nov 18 2025, 10:38 AM
ae accepted D53769: ipsec: Fix typos in references to IPsec's ESP.
Nov 18 2025, 2:32 AM

Nov 12 2025

ae accepted D53694: [ipfw] Add support for masked ip-address lookups.

LGTM.

Nov 12 2025, 1:42 PM

Oct 27 2025

ae accepted D53359: ipfw: Correct error message.
Oct 27 2025, 9:19 AM

Oct 26 2025

ae committed rGf7937053fd08: arp: fix adding proxy entries for P2P interfaces (authored by ae).
arp: fix adding proxy entries for P2P interfaces
Oct 26 2025, 11:22 AM
ae committed rG9e829d0693a7: arp: fix adding proxy entries for P2P interfaces (authored by ae).
arp: fix adding proxy entries for P2P interfaces
Oct 26 2025, 11:21 AM

Oct 25 2025

ae accepted D53343: ipfw: Retire obsolete compat code.

LGTM.

Oct 25 2025, 7:01 PM

Oct 22 2025

ae added a comment to D44204: ip6_output: Reduce cache misses on pktopts.

It seems to have affected MLDv6: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=290407

Oct 22 2025, 9:10 AM

Oct 18 2025

ae committed rG317a5dd0288e: ipfw: do not use errno value for error reporting (authored by lytboris_gmail.com).
ipfw: do not use errno value for error reporting
Oct 18 2025, 12:06 PM
ae committed rG7a2a874a0b46: carp6: revise the generation of ND6 NA (authored by ae).
carp6: revise the generation of ND6 NA
Oct 18 2025, 12:04 PM
ae committed rG2efda1b8c0f9: carp6: revise the generation of ND6 NA (authored by ae).
carp6: revise the generation of ND6 NA
Oct 18 2025, 12:02 PM

Oct 17 2025

ae committed rGc26d6bf9da01: arp: fix adding proxy entries for P2P interfaces (authored by ae).
arp: fix adding proxy entries for P2P interfaces
Oct 17 2025, 8:23 AM
ae closed D53113: arp: fix proxyarp for P2P with netlink.
Oct 17 2025, 8:23 AM

Oct 15 2025

ae committed rG613eb8ee9cb2: ipv6: don't complain when deleting an address with prefix length of 128 (authored by ae).
ipv6: don't complain when deleting an address with prefix length of 128
Oct 15 2025, 2:07 PM
ae committed rG25c6697b0b98: ipv6: don't complain when deleting an address with prefix length of 128 (authored by ae).
ipv6: don't complain when deleting an address with prefix length of 128
Oct 15 2025, 2:06 PM
ae published D53113: arp: fix proxyarp for P2P with netlink for review.
Oct 15 2025, 1:31 PM

Oct 14 2025

ae committed rGdfd822b1f084: ipfw: do not use errno value for error reporting (authored by lytboris_gmail.com).
ipfw: do not use errno value for error reporting
Oct 14 2025, 8:15 AM
ae closed D53050: Do not report random errors as table-managing errors in ipfw.
Oct 14 2025, 8:15 AM
ae accepted D53068: ipfw: Check for errors from sooptcopyin() and sooptcopyout().

Yes, I think they were replaced with handlers from ipfw_sopt_handler.

Oct 14 2025, 7:38 AM

Oct 13 2025

ae accepted D53050: Do not report random errors as table-managing errors in ipfw.
Oct 13 2025, 9:27 AM

Oct 8 2025

ae accepted D52951: rcorder: Fix grammar in warning about loops.
Oct 8 2025, 9:49 AM

Oct 7 2025

ae closed D52952: ipv6: don't complain when deleting an address with prefix length of 128.
Oct 7 2025, 1:12 PM
ae committed rGc4cce0a3e94e: ipv6: don't complain when deleting an address with prefix length of 128 (authored by ae).
ipv6: don't complain when deleting an address with prefix length of 128
Oct 7 2025, 1:11 PM
ae published D52952: ipv6: don't complain when deleting an address with prefix length of 128 for review.
Oct 7 2025, 9:54 AM

Oct 3 2025

ae committed rG716acd9367df: carp6: revise the generation of ND6 NA (authored by ae).
carp6: revise the generation of ND6 NA
Oct 3 2025, 8:03 AM
ae closed D52825: ip6+carp: revise the generation of ND6 NA.
Oct 3 2025, 8:02 AM
ae accepted D52876: Update ipfw regression tests after ipfw updated some opcode size.
Oct 3 2025, 7:47 AM

Oct 1 2025

ae published D52825: ip6+carp: revise the generation of ND6 NA for review.
Oct 1 2025, 12:28 PM

Sep 23 2025

ae committed rGfb4be8661166: IPv6: fix off-by-one in pltime and vltime expiration checks (authored by ae).
IPv6: fix off-by-one in pltime and vltime expiration checks
Sep 23 2025, 8:34 AM
ae committed rG586183128f2f: IPv6: fix off-by-one in pltime and vltime expiration checks (authored by ae).
IPv6: fix off-by-one in pltime and vltime expiration checks
Sep 23 2025, 8:34 AM

Sep 16 2025

ae accepted D52566: ipfw: Teach ipfw that EtherIP is an upper layer protocol.
Sep 16 2025, 7:45 AM
ae committed rG588a5fad3e8b: IPv6: fix off-by-one in pltime and vltime expiration checks (authored by ae).
IPv6: fix off-by-one in pltime and vltime expiration checks
Sep 16 2025, 7:39 AM
ae closed D52323: ip6: fix off-by-one in pltime and vltime expiration checks.
Sep 16 2025, 7:39 AM

Sep 8 2025

ae added a reviewer for D52323: ip6: fix off-by-one in pltime and vltime expiration checks: bz.
Sep 8 2025, 11:17 AM

Sep 2 2025

ae accepted D52323: ip6: fix off-by-one in pltime and vltime expiration checks.

LGTM.

Sep 2 2025, 9:27 AM

Aug 3 2025

ae committed rG877e70e6087f: ipfw: add protected rule for orphaned dynamic states (authored by ae).
ipfw: add protected rule for orphaned dynamic states
Aug 3 2025, 10:08 AM
ae closed D51460: ipfw: add protected rule for orphaned dynamic states.
Aug 3 2025, 10:08 AM
ae committed rG3b67473b9757: ipfw: add additional handling for orphaned states (authored by ae).
ipfw: add additional handling for orphaned states
Aug 3 2025, 10:00 AM
ae closed D51459: ipfw: add additional check for orphaned states.
Aug 3 2025, 9:59 AM
ae committed rG91ed876385d4: ipfw: forbid adding keep-state rules that depend on tablearg (authored by ae).
ipfw: forbid adding keep-state rules that depend on tablearg
Aug 3 2025, 9:53 AM
ae closed D51458: ipfw: forbid add keep-state rules that depend from tablearg.
Aug 3 2025, 9:53 AM
ae closed D51457: ipfw: add numeric initializers to enum ipfw_opcodes..
Aug 3 2025, 9:45 AM
ae committed rG12e61c31dbd5: ipfw: add numeric initializers to enum ipfw_opcodes (authored by ae).
ipfw: add numeric initializers to enum ipfw_opcodes
Aug 3 2025, 9:45 AM

Jul 23 2025

ae added inline comments to D51468: if_ovpn: support floating clients.
Jul 23 2025, 6:02 PM