From nobody Tue Aug 24 17:30:42 2021
X-Original-To: pf@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id ADE831792CB9
	for <pf@mlmmj.nyi.freebsd.org>; Tue, 24 Aug 2021 17:30:54 +0000 (UTC)
	(envelope-from ozkan.kirik@gmail.com)
Received: from mail-ua1-x930.google.com (mail-ua1-x930.google.com [IPv6:2607:f8b0:4864:20::930])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4GvGNZ4M08z4p9M;
	Tue, 24 Aug 2021 17:30:54 +0000 (UTC)
	(envelope-from ozkan.kirik@gmail.com)
Received: by mail-ua1-x930.google.com with SMTP id 37so8820738uau.13;
        Tue, 24 Aug 2021 10:30:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=B3hhZQ2ck1C6mMrx+/JgayZd1LQxXXhizWLThCD0d+8=;
        b=u2NKZNNmppovY2nufCfsgfW5i1pRweSPnbj11/6bEnTez9UqJwR5njQE1JTBkzk26a
         lmK3GWUYQPZpbOa9munBKIIxyfh77FdsSD73SFeQZmqM/GazEPjslBimrpeozONIPxA0
         FhlctS1LNw74iSFaOnVf04DchaZYqAgNDQrQR7c573gAA62Uys+ZK5CjZTDZl518ec1x
         Y4ciD5vH5jUbGf5dpzhSuicdZ9UPRLQ/seCqvmeXtD5FCA2SgSYCGb+dnThS1P6TyPz7
         +qK8hYULHUNxNUrjGfE+9ljEObEWwVRDsDDcoSDBLiiYFzK8L8uaJns474XvnbD2kqyw
         oRMw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=B3hhZQ2ck1C6mMrx+/JgayZd1LQxXXhizWLThCD0d+8=;
        b=CUNYhqyGYM4SKM2PN0DO52Mmk9zP0gvLjftph31hkWSKbXjHo1ecm3xa+jedRaVStZ
         q5TNdkYLs2BVJUsR8t4bTo/jihISL52LGrHVDGsrQcfB9MQxjjiyF2Sr9LORdjeBBrte
         14R2XssXGN60nQNFv5D8D1xNslyP8DotQ1yMVcg/vDF0GMvwcHKD5hzlXCHwshT/KHW3
         dElQYNkWavrGQ0bKymLLN0lh2QooqOibxG7JffKHFsc/JnngyFn7rbU8oPGdf7cSO1sI
         +0/FpSJCQt7kiw0cczGRZ3NCxOdbMwyD4ku2b1rlAHEhmV35uNrqRA9tldiYNZdbIP91
         ElyA==
X-Gm-Message-State: AOAM533bP5TjkRW/X9WTrJDucxmzUNIvdi5iJKPMEoypXze4W6EeNQpl
	Q1VMwTRGNh9NtzsMVymJujbfFzHMC+c+iT2LiQfS7+s21Do=
X-Google-Smtp-Source: ABdhPJzPlrazq/nz/zgp5aWwAS42Q97kJ/BSU2ZfmNzshVxFbWcmZ3VoqyYANNdzQgpNhDTe4r61gQy+xV0QaWtcms8=
X-Received: by 2002:a67:eec3:: with SMTP id o3mr29583263vsp.33.1629826253593;
 Tue, 24 Aug 2021 10:30:53 -0700 (PDT)
List-Id: Technical discussion and general questions about packet filter (pf) <freebsd-pf.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-pf
List-Help: <mailto:pf+help@freebsd.org>
List-Post: <mailto:pf@freebsd.org>
List-Subscribe: <mailto:pf+subscribe@freebsd.org>
List-Unsubscribe: <mailto:pf+unsubscribe@freebsd.org>
Sender: owner-freebsd-pf@freebsd.org
X-BeenThere: freebsd-pf@freebsd.org
MIME-Version: 1.0
References: <CAAcX-AE--sff1Quqy57Ux4GwA2Lr+PM6Rt6b7Z-OvZbtYASn=w@mail.gmail.com>
 <437ea6f8-a93f-4650-1e94-c52110d328e7@shurik.kiev.ua> <903A7599-FFBD-4E7C-A4E9-2EA2F2C7B16C@FreeBSD.org>
 <88FAB02B-D319-4501-857D-7F04922CD00D@FreeBSD.org>
In-Reply-To: <88FAB02B-D319-4501-857D-7F04922CD00D@FreeBSD.org>
From: =?UTF-8?B?w5Z6a2FuIEtJUklL?= <ozkan.kirik@gmail.com>
Date: Tue, 24 Aug 2021 20:30:42 +0300
Message-ID: <CAAcX-AErRok0=WQNSbmHpjNos_nWBMrdLcdWoQK1rLzKBD4JRg@mail.gmail.com>
Subject: Re: pfctl -k id not working
To: Kristof Provost <kp@freebsd.org>
Cc: Oleksandr Kryvulia <shuriku@shurik.kiev.ua>, pf@freebsd.org
Content-Type: multipart/alternative; boundary="000000000000e420d705ca517e30"
X-Rspamd-Queue-Id: 4GvGNZ4M08z4p9M
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
	none
X-Spamd-Result: default: False [-4.00 / 15.00];
	 TAGGED_FROM(0.00)[];
	 REPLY(-4.00)[]
X-ThisMailContainsUnwantedMimeParts: Y

--000000000000e420d705ca517e30
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Thank you for fast fix Kristof.

Regards

On Tue, Aug 24, 2021 at 3:58 PM Kristof Provost <kp@freebsd.org> wrote:

> On 22 Aug 2021, at 21:01, Kristof Provost wrote:
> > On 22 Aug 2021, at 20:58, Oleksandr Kryvulia wrote:
> >> 20.08.21 22:01, =C3=96zkan KIRIK =D0=BF=D0=B8=D1=88=D0=B5=D1=82:
> >>> Hi,
> >>>
> >>> I'm trying to kill a single state using state id. But even state
> exists, no
> >>> (0) states are killed.
> >>>
> >>> I'm using FreeBSD stable/12 0f97f2a1857a (Jul 26) build. Outputs are
> below:
> >>>
> >>> root@freebsd:/ # pfctl -ss -vvv | tail -5
> >>> all tcp 10.255.4.134:60684 -> 10.2.3.10:443
>  ESTABLISHED:ESTABLISHED
> >>>    [3857528462 + 256] wscale 7  [2278827950 + 1117184] wscale 9
> >>>    age 1002336:42:40, expires in 252932:33:04, 250675:343858 pkts,
> >>> 18984576:362136695 bytes, anchor 1308884992, rule 419430400
> >>>    id: effe296100000018 creatorid: e9c975c1 gateway: 0.0.0.0
> >>>    origif: ix0.167
> >>>
> >>> root@freebsd:/ # pfctl -k id -k effe296100000018
> >>> killed 0 states
> >>>
> >>> root@freebsd:/ # pfctl -ss -vvv | tail -5
> >>> all tcp 10.255.4.134:60684 -> 10.2.3.10:443
>  ESTABLISHED:ESTABLISHED
> >>>    [1005467278 + 256] wscale 7  [2245470126 + 1117184] wscale 9
> >>>    age 60966:41:04, expires in 280894:34:40, 250677:343861 pkts,
> >>> 18984766:362137617 bytes, anchor 1308884992, rule 419430400
> >>>    id: effe296100000018 creatorid: e9c975c1 gateway: 0.0.0.0
> >>>    origif: ix0.167
> >>>
> >>> is it possible to fix it?
> >>>
> >>> Regards
> >>>
> >>
> >> Same on current.
> >
> > Thanks for the confirmation. It=E2=80=99s very likely fallout from the =
nvlist
> changes I did in that area recently.
> > It=E2=80=99s on my list for Monday. It=E2=80=99s likely to be fairly ea=
sy to fix.
> >
> This will be fixed as of e59eff9ad3285838730acf48f6d066cec0e53114 (in
> main).
> MFC to be done next week.
>
> Br,
> Kristof
>
>

--000000000000e420d705ca517e30--