How does code changes in freebsd make it to pfsense


  • LAYER 8 Global Moderator

    So quite some time ago there was an issue with dhcp TTL being 16, I recompiled a new version with a change to 128 for that user.  Just recently I got a email from someone in Norway who had found my freebsd bug report.

    Details in this thread, which has been locked - prob because of age?

    http://forum.pfsense.org/index.php/topic,51803.0.html

    So my bug report to freebsd is here
    http://www.freebsd.org/cgi/query-pr.cgi?pr=170279

    Their issue was that they provide pfsense to users, and are worried that a self compiled fix to the dhcp client would be overwritten if the user updated the pfsense install, etc.  So they got some traction on the bug report, and it now seems they have put in a fix

    
    --- head/sbin/dhclient/packet.c Mon Apr 22 13:02:41 2013 (r249765)
    +++ head/sbin/dhclient/packet.c Mon Apr 22 15:02:32 2013 (r249766)
    @@ -128,7 +128,7 @@ assemble_udp_ip_header(unsigned char *bu
    ip.ip_len = htons(sizeof(ip) + sizeof(udp) + len);
    ip.ip_id = 0;
    ip.ip_off = 0;
    - ip.ip_ttl = 16;
    + ip.ip_ttl = 128;
    ip.ip_p = IPPROTO_UDP;
    ip.ip_sum = 0;
    ip.ip_src.s_addr = from;
    
    

    Info here http://svnweb.freebsd.org/base?view=revision&revision=249766

    So curious when would this be seen in pfsense releases?



  • I thought that very same discussion in this forum, when I saw the commit … It'd be nice to see more of pfsense's fixes / code being pushed upstream to FreeBSD.

    I can also think of many improvements that could be made to FreeBSD/pfsense, if the human resources / funding were available, from porting of pf 5.2 to the inclusion of DIFFUSE http://www.freebsdfoundation.org/project announcements.shtml#diffuse


  • LAYER 8 Global Moderator

    I had submitted the bug to freebsd, because it was a freebsd bug not a pfsense issue.  I assume, maybe wrongly that as the code change makes it to freebsd that would be automatically be included into pfsense releases?  Is this not the case?

    I was just curious on what sort of timeline there would be, for example if I show that 8.3 is frozen other than errata's from the freebsd site.  I would hope this code change would make it to the 8.3 line, and then be included in some future snap of pfsense 2.1 ?

    Also seems that 2.0.1 was based on 8.1 of freebsd, I assume current 2.0.3 is same - so if freebsd includes this code change in their 8.3 and 8.1 line would the pfsense releases automatically see these changes, or would there have to be say a 2.0.4 release and how would that work in the 2.1 line, I currently show it using FreeBSD 8.3-RELEASE-p7, would it change to -p8?  If freebsd releases that?

    More a general question on how pfsense deals with patches and changes to the freebsd code?  Is this documented somewhere that I can read?



  • @johnpoz:

    or would there have to be say a 2.0.4 release and how would that work in the 2.1 line, I currently show it using FreeBSD 8.3-RELEASE-p7, would it change to -p8?  If freebsd releases that?

    I don't know if "minor" fixes e.g. the dhclient TTL fix will show up in pfSense code, not unless some pfsense dev explicitly adds it.

    pfSense would have to track FreeBSD 8-STABLE to incorporate all the fixes you see MFCed to 8.x in the FreeBSD dev-lists (and this assuming FreeBSD developers decide to MFC a feature back to 9.x and 8.x)


  • Rebel Alliance Developer Netgate

    If they fix it upstream, we pick up the changes either the next time we shift OS versions (not very often) or if we bring their patch into our code (happens all the time).


Log in to reply