On 6.2.2024. 1:07, Alexander Bluhm wrote:
> On Tue, Feb 06, 2024 at 12:40:17AM +0100, Hrvoje Popovski wrote:
>> On 6.2.2024. 0:24, Hrvoje Popovski wrote:
>>> On 6.2.2024. 0:15, Hrvoje Popovski wrote:
>>>> On 5.2.2024. 23:56, Hrvoje Popovski wrote:
>>>>> Hi all,
>>>>>
>>>>> with latest snapshot my firewall can't ping it's gateway and default
>>>>> route isn't working. I see default route with netstat -rnf inet but
>>>>> firewall
>>>>>
>>>>> Destination        Gateway            Flags   Refs      Use   Mtu  Prio
>>>>> Iface
>>>>> default            10.198.155.233    GS         0      209     -     8 em0
>>>>>
>>>>
>>>>
>>>> if I remove 10.198.155.233 as gateway than I can ping it.
>>>>
>>>> bcbnfw1# ping 10.198.155.233
>>>> PING 10.198.155.233 (10.198.155.233): 56 data bytes
>>>> 64 bytes from 10.198.155.233: icmp_seq=0 ttl=255 time=0.874 ms
>>>> 64 bytes from 10.198.155.233: icmp_seq=1 ttl=255 time=0.220 ms
>>>>
>>>>
>>>> arp
>>>> 10.198.155.233                      00:1f:26:3d:d4:00     em0 19m39s
>>>>
>>>
>>> Sorry for spamming list. I was in panic mode.
>>>
>>> With latest snapshot gateway doesn't work after reboot. After removing
>>> gateway, doing sh netstart and adding that same gateway firewall is
>>> working as it should.
>>>
>>>
>>>
>>
>>
>> When I reverted if.c from 1.717 to 1.716 firewall was happy
>> https://cvsweb.openbsd.org/src/sys/net/if.c
> 
> Yes, that is the problem.  Logic is inverted.
> 
> bluhm



With this diff firewall is working just fine. Thank you for fast response.



> 
> Index: net/if.c
> ===================================================================
> RCS file: /cvs/src/sys/net/if.c,v
> diff -u -p -r1.717 if.c
> --- net/if.c	5 Feb 2024 18:27:47 -0000	1.717
> +++ net/if.c	6 Feb 2024 00:05:50 -0000
> @@ -1788,7 +1788,7 @@ if_linkstate(struct ifnet *ifp)
>  {
>  	NET_ASSERT_LOCKED();
> 
> -	if (panicstr != NULL) {
> +	if (panicstr == NULL) {
>  		rtm_ifchg(ifp);
>  		rt_if_track(ifp);
>  	}
>