Actions
Regression #12615
closed
MAC passthrough does not work on the latest snapshot
Start date:
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
22.01
Release Notes:
Force Exclusion
Affected Version:
2.6.0
Affected Architecture:
Description
CP login page always appears
config.xml is ok:
<passthrumac>
<action>pass</action>
<mac>e2:51:f2:61:23:4b</mac>
<descr><![CDATA[windowspc]]></descr>
</passthrumac>
ipfw tables too:
# ipfw table all list --- table(cp_ifaces), set(0) --- vtnet0 2100 19578 6256264 1639752869 --- table(cpzone1_auth_up), set(0) --- --- table(cpzone1_host_ips), set(0) --- 192.168.88.100/32 0 9278 4839663 1639752869 --- table(cpzone1_pipe_mac), set(0) --- e2:51:f2:61:23:4b any 2001 3008 761439 1639752868 any e2:51:f2:61:23:4b 2000 3987 337435 1639752868 --- table(cpzone1_auth_down), set(0) --- --- table(cpzone1_allowed_up), set(0) --- --- table(cpzone1_allowed_down), set(0) ---
tcpdump:
tcpdump -qn -i vtnet0 ether host e2:51:f2:61:23:4b tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on vtnet0, link-type EN10MB (Ethernet), capture size 262144 bytes 17:56:02.869612 IP 192.168.88.150.2375 > 89.108.119.43.443: tcp 0 17:56:03.271994 IP 192.168.88.150.2376 > 89.108.119.43.443: tcp 0 17:56:03.825248 IP 192.168.88.150.2389 > 34.107.221.82.80: tcp 0
pfSense 2.6.0.b.20211216.0600
Updated by Viktor Gurov about 3 years ago
ipfw show output:
# ipfw show 00999 0 0 allow tagged 1 01000 65094 13625580 skipto tablearg ip from any to any via table(cp_ifaces) 01100 86247 5149976 allow ip from any to any 02100 27710 4498925 pipe tablearg MAC table(cpzone1_pipe_mac) 02101 0 0 allow pfsync from any to any 02102 0 0 allow carp from any to any 02103 8 0 allow layer2 mac-type 0x0806,0x8035 02104 0 0 allow layer2 mac-type 0x888e,0x88c7 02105 0 0 allow layer2 mac-type 0x8863,0x8864 02106 0 0 deny layer2 not mac-type 0x0800,0x86dd 02107 11709 988970 allow ip from any to table(cpzone1_host_ips) in 02108 12940 6862452 allow ip from table(cpzone1_host_ips) to any out 02109 0 0 allow ip from any to 255.255.255.255 in 02110 0 0 allow ip from 255.255.255.255 to any out 02111 0 0 pipe tablearg ip from table(cpzone1_allowed_up) to any in 02112 0 0 pipe tablearg ip from any to table(cpzone1_allowed_down) in 02113 0 0 pipe tablearg ip from table(cpzone1_allowed_up) to any out 02114 0 0 pipe tablearg ip from any to table(cpzone1_allowed_down) out 02115 0 0 pipe tablearg tag 1 ip from table(cpzone1_auth_up) to any layer2 in 02116 0 0 pipe tablearg tag 1 ip from any to table(cpzone1_auth_down) layer2 out 02117 6462 574192 fwd 127.0.0.1,8002 tcp from any to any 80 in 02118 5385 653787 allow tcp from any to any out 02119 880 47254 skipto 65534 ip from any to any 65534 880 47254 deny ip from any to any 65535 0 0 allow ip from any to any
Updated by Viktor Gurov about 3 years ago
Updated by Viktor Gurov about 3 years ago
Updated by Jim Pingle about 3 years ago
- Tracker changed from Bug to Regression
- Status changed from New to Pull Request Review
- Assignee set to Viktor Gurov
- Target version set to 2.6.0
- Plus Target Version set to 22.01
- Release Notes changed from Default to Force Exclusion
Updated by Viktor Gurov about 3 years ago
- Status changed from Pull Request Review to Feedback
- % Done changed from 0 to 100
Applied in changeset 2fe32b3b168a1a2a3f96e1419eee958e6c10c20b.
Updated by Christopher Cope almost 3 years ago
- Status changed from Feedback to Resolved
Tested successfully on
2.6.0-RC (amd64) built on Mon Jan 24 18:44:12 UTC 2022 FreeBSD 12.3-STABLE
Marking this resolved.
Actions