- User Since
- Jun 15 2015, 5:39 PM (200 w, 2 d)
Oct 24 2018
Oct 22 2018
@skozlov feel free to take maintainership of net/intel-em-kmod and thanks for working on these modules! :)
Oct 21 2018
"if:0" and "(if:0)" have separate implementations. the one for "if:0" is missing, see ifa_lookup() in sbin/pfctl/pfctl_parser.c
Oct 12 2018
Oct 7 2018
Looks good, thanks!
Jul 23 2018
We all invest time so thank you for the offer. Yes, I am OK with that.
I do not wish to acknowledge the advertising in the commit message.
I'm sorry, I'm playing by the rules that FreeBSD imposes on its external contributors.
There's a PR here https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229904
Feb 13 2018
Any news on this? :)
Jan 31 2018
Seeing this after migration...
Aug 29 2017
this one is stable, thank you @ale
Aug 22 2017
No, I'm not asking for support that would take a few weeks of ping pong in a bug tracker, if any. This is real world feedback for this review. Take it or leave it. :)
Thanks, but we've narrowed it down to this commit.
We do seem to have a persistent problem with this patch in some PPPoE environments that will cause a crash in ng_pppoe_rcvdata_ether():
Jul 13 2017
Nevermind, now it displays correctly. Please commit. :)
can you rebase this patch? it looks off with the update to 3.2.2 and no OPTIONS_DEFINE like it was already applied
Jun 16 2017
So FWIW I stand by the approval of the previous version that does not use REDIS_CONFIGURE_ENABLE.
Jun 14 2017
Jun 13 2017
Jun 12 2017
Jun 11 2017
looks good, will accept after typo fix :)
Apr 9 2017
Jan 2 2017
Dec 26 2016
- correctly build against GENERIC
Dec 22 2016
I've updated the TUNNELBLICK patch to work with 2.4, it was just a clash with the new code formatting. Looks good so far, runtime test is pending.
Dec 21 2016
- omit empty reads for ip_get_fwdtag
- error out safely on failure
- use else if
- complete conversion
- requested changes
Dec 20 2016
I've answered in the mail thread, but asking here specifically again: why not make it even simpler?
Nov 14 2016
Closing for a fresh start on this with a KBI suggested by @ae
Nov 9 2016
I'm not doubting these changes, I just saw that enabling hyperscan for suricata is problematic for non SSE3 archs and there's no way around this :/
From what we can tell, especially the "illegal instruction trouble" (see below), we need a suricata-hs package that adds hyperscan without tainting the original package and make the new one amd64 only.
Nov 8 2016
Still looking for actionable advice. Thanks in advance.
Nov 2 2016
Where are we on this? Within the scope of this specific code up for review: what else should be done?
Oct 24 2016
There's two things here:
Oct 23 2016
@eri This is *not* about dummynet at all. This patch doesn't even cover anything other than making PACKET_TAG_IPFORWARD usable from a non-ipfw perspective, one could also call it "universally reusable".
Oct 21 2016
Almost, because ip_output also skips the pending pfil hooks in the direction :/
Maybe to elaborate just a bit more:
I'm not sure I understand.
I've only adhered to the Phabricator wiki guideline "Please make sure that your changeset does one thing (and one thing only) so that the review process goes smoothly. Small and self-contained changes are much easier to review!".
Oct 17 2016
@eri Asking for feedback.
Oct 10 2016
@eri I'm kindly requesting the required input :)
Oct 6 2016
Oct 1 2016
@eri which change are you requesting?
- pf: keep fastroute compat stubs, don't break ABI
Sep 28 2016
Mar 20 2016
Ok, I'll open a bug report for the MFC.
I just hit this and noticed it was never MFC'd. Can this be pushed to STABLE?
Jul 3 2015
Thanks! Are there any plans to MFC this to stable/10 as well?
Jun 15 2015
It's highly likely that LLE_EXCLUSIVE is always set since la_preempt is being modified. The other code branch of arpresolve() calling arprequest() is modifying/unlocking la in the same way. Cheers for tracking this down.