pf1027.ok - OpenGrok history log for /freebsd/sbin/pfctl/tests/files/pf1027.ok

Revision		Date	Author	Comments
# 7a372bde		22-Jan-2025	Kristof Provost <kp@FreeBSD.org>	pf: make reply-to work with nat64 Just like route-to reply-to is problematic when used in combination with nat64. In the normal (i.e. without nat64) flow we return immediately from pf_route(). Howe pf: make reply-to work with nat64 Just like route-to reply-to is problematic when used in combination with nat64. In the normal (i.e. without nat64) flow we return immediately from pf_route(). However, with nat64 we need to continue and do a route lookup. In that case we should not make the extra pf_test(PF_OUT) call to remain similar to the non-nat64 flow. We also have to fix the interface binding. We can only bind to the interface after we've done the route lookup, not before. Add a funcional test case, and a test for pfctl's rule printing. Sponsored by: Rubicon Communications, LLC ("Netgate") show more ...

Revision

Date

Author

Comments

# 7a372bde

22-Jan-2025

Kristof Provost <kp@FreeBSD.org>

pf: make reply-to work with nat64

Just like route-to reply-to is problematic when used in combination with nat64.

In the normal (i.e. without nat64) flow we return immediately from pf_route().
Howe

pf: make reply-to work with nat64

Just like route-to reply-to is problematic when used in combination with nat64.

In the normal (i.e. without nat64) flow we return immediately from pf_route().
However, with nat64 we need to continue and do a route lookup. In that case
we should not make the extra pf_test(PF_OUT) call to remain similar to the
non-nat64 flow.

We also have to fix the interface binding. We can only bind to the interface
after we've done the route lookup, not before.

Add a funcional test case, and a test for pfctl's rule printing.

Sponsored by: Rubicon Communications, LLC ("Netgate")

In current file

In project "undefined"

On Google