netpfil - OpenGrok history log for /freebsd/tests/sys/netpfil

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
6e7f24e0	04-Mar-2025	Kristof Provost <kp@FreeBSD.org>	pf: fix nat64 ICMP translation Fix more incorrect use of the iih pointer, this time causing corruption in nat64 translated ICMP error messages. Extend the relevant test case to catch this bug. Spon pf: fix nat64 ICMP translation Fix more incorrect use of the iih pointer, this time causing corruption in nat64 translated ICMP error messages. Extend the relevant test case to catch this bug. Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D49231 show more ... /freebsd/sys/netpfil/pf/pf.c pf/nat64.py
2f774911	25-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf tests: test ICMP error translation with nat64 Ensure that when we translate an ICMPv4 to ICMPv6 message we set the correct source IP address. PR: 284944 Sponsored by: Rubicon Communications, LL pf tests: test ICMP error translation with nat64 Ensure that when we translate an ICMPv4 to ICMPv6 message we set the correct source IP address. PR: 284944 Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D49144 show more ... /freebsd/.cirrus.yml /freebsd/Makefile /freebsd/UPDATING /freebsd/lib/csu/amd64/crt1_s.S /freebsd/lib/libc/aarch64/string/strlcat.c /freebsd/lib/libc/aarch64/string/strncat.c /freebsd/release/Makefile.oracle /freebsd/release/Makefile.vm /freebsd/release/scripts/oracle/arm64_shape_compatibilities.json /freebsd/release/scripts/oracle/default_shape_compatibilities.json /freebsd/release/scripts/oracle/generate_metadata.lua /freebsd/release/scripts/oracle/image_capability_data.json /freebsd/release/scripts/oracle/image_metadata.json /freebsd/sbin/ipf/ippool/ippool.5 /freebsd/sbin/ipfw/ipfw.8 /freebsd/sbin/ipfw/ipfw2.c /freebsd/sbin/ipfw/ipfw2.h /freebsd/sbin/ipfw/nat64lsn.c /freebsd/sbin/ipfw/tables.c /freebsd/sbin/pfctl/pfctl_parser.c /freebsd/sbin/route/route.c /freebsd/share/man/man4/ipsec.4 /freebsd/share/mk/sys.mk /freebsd/stand/efi/include/efiprot.h /freebsd/stand/efi/loader/arch/riscv/exec.c /freebsd/stand/efi/loader/bootinfo.c /freebsd/stand/libsa/dosfs.c /freebsd/stand/libsa/dosfs.h /freebsd/stand/libsa/ioctl.c /freebsd/sys/amd64/vmm/vmm_instruction_emul.c /freebsd/sys/arm/allwinner/aw_rtc.c /freebsd/sys/arm/arm/machdep.c /freebsd/sys/arm/arm/machdep_boot.c /freebsd/sys/arm/nvidia/drm2/tegra_bo.c /freebsd/sys/arm64/arm64/machdep.c /freebsd/sys/compat/linuxkpi/common/src/linux_80211.c /freebsd/sys/compat/linuxkpi/common/src/linux_shrinker.c /freebsd/sys/conf/files.arm /freebsd/sys/conf/files.arm64 /freebsd/sys/conf/files.riscv /freebsd/sys/dev/drm2/ttm/ttm_page_alloc.c /freebsd/sys/dev/enic/if_enic.c /freebsd/sys/dev/enic/vnic_cq.c /freebsd/sys/dev/enic/vnic_cq.h /freebsd/sys/dev/enic/vnic_dev.c /freebsd/sys/dev/enic/vnic_dev.h /freebsd/sys/dev/enic/vnic_rq.c /freebsd/sys/dev/enic/vnic_wq.c /freebsd/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls.c /freebsd/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls_rx.c /freebsd/sys/dev/usb/controller/dwc3/dwc3.c /freebsd/sys/dev/usb/controller/dwc_otg_acpi.c /freebsd/sys/dev/usb/controller/ehci_fsl.c /freebsd/sys/dev/usb/controller/ehci_imx.c /freebsd/sys/dev/usb/controller/ehci_msm.c /freebsd/sys/dev/usb/controller/ehci_mv.c /freebsd/sys/dev/usb/controller/ehci_pci.c /freebsd/sys/dev/usb/controller/generic_ehci.c /freebsd/sys/dev/usb/controller/generic_ehci_acpi.c /freebsd/sys/dev/usb/controller/generic_ehci_fdt.c /freebsd/sys/dev/usb/controller/generic_xhci.c /freebsd/sys/dev/usb/controller/generic_xhci_acpi.c /freebsd/sys/dev/usb/controller/generic_xhci_fdt.c /freebsd/sys/dev/usb/controller/ohci_pci.c /freebsd/sys/dev/usb/controller/uhci_pci.c /freebsd/sys/dev/usb/controller/xhci_pci.c /freebsd/sys/dev/usb/controller/xlnx_dwc3.c /freebsd/sys/dev/usb/input/atp.c /freebsd/sys/dev/usb/input/uhid.c /freebsd/sys/dev/usb/input/ukbd.c /freebsd/sys/dev/usb/input/ums.c /freebsd/sys/dev/usb/input/usbhid.c /freebsd/sys/dev/usb/input/wmt.c /freebsd/sys/dev/usb/input/wsp.c /freebsd/sys/dev/usb/misc/udbp.c /freebsd/sys/dev/usb/misc/ugold.c /freebsd/sys/dev/usb/misc/uled.c /freebsd/sys/dev/usb/net/if_aue.c /freebsd/sys/dev/usb/net/if_axe.c /freebsd/sys/dev/usb/net/if_axge.c /freebsd/sys/dev/usb/net/if_cdce.c /freebsd/sys/dev/usb/net/if_cdceem.c /freebsd/sys/dev/usb/net/if_cue.c /freebsd/sys/dev/usb/net/if_ipheth.c /freebsd/sys/dev/usb/net/if_kue.c /freebsd/sys/dev/usb/net/if_mos.c /freebsd/sys/dev/usb/net/if_muge.c /freebsd/sys/dev/usb/net/if_rue.c /freebsd/sys/dev/usb/net/if_smsc.c /freebsd/sys/dev/usb/net/if_udav.c /freebsd/sys/dev/usb/net/if_urndis.c /freebsd/sys/dev/usb/net/ruephy.c /freebsd/sys/dev/usb/serial/ubsa.c /freebsd/sys/dev/usb/serial/ubser.c /freebsd/sys/dev/usb/serial/uchcom.c /freebsd/sys/dev/usb/serial/ucycom.c /freebsd/sys/dev/usb/serial/ufoma.c /freebsd/sys/dev/usb/serial/uftdi.c /freebsd/sys/dev/usb/serial/uipaq.c /freebsd/sys/dev/usb/serial/ulpt.c /freebsd/sys/dev/usb/serial/umcs.c /freebsd/sys/dev/usb/serial/umct.c /freebsd/sys/dev/usb/serial/umodem.c /freebsd/sys/dev/usb/serial/uplcom.c /freebsd/sys/dev/usb/serial/usb_serial.c /freebsd/sys/dev/usb/serial/uslcom.c /freebsd/sys/dev/usb/serial/uvscom.c /freebsd/sys/dev/usb/storage/umass.c /freebsd/sys/dev/usb/storage/urio.c /freebsd/sys/dev/usb/template/usb_template_multi.c /freebsd/sys/dev/usb/template/usb_template_serialnet.c /freebsd/sys/dev/usb/wlan/if_rsu.c /freebsd/sys/dev/usb/wlan/if_rum.c /freebsd/sys/dev/usb/wlan/if_run.c /freebsd/sys/dev/usb/wlan/if_uath.c /freebsd/sys/dev/usb/wlan/if_ural.c /freebsd/sys/dev/usb/wlan/if_urtw.c /freebsd/sys/dev/usb/wlan/if_zyd.c /freebsd/sys/dev/vt/hw/efifb/efifb.c /freebsd/sys/dev/wg/if_wg.c /freebsd/sys/geom/eli/g_eli.c /freebsd/sys/kern/kern_exec.c /freebsd/sys/kern/subr_efi_map.c /freebsd/sys/kern/subr_module.c /freebsd/sys/net/pfvar.h /freebsd/sys/net/route.h /freebsd/sys/net80211/_ieee80211.h /freebsd/sys/net80211/ieee80211_crypto.c /freebsd/sys/net80211/ieee80211_crypto_ccmp.c /freebsd/sys/net80211/ieee80211_crypto_tkip.c /freebsd/sys/netinet/ip_carp.c /freebsd/sys/netinet/ip_fw.h /freebsd/sys/netinet/ip_gre.c /freebsd/sys/netinet/ip_id.c /freebsd/sys/netinet/ip_mroute.c /freebsd/sys/netinet/ip_output.c /freebsd/sys/netinet/ip_reass.c /freebsd/sys/netinet/ip_var.h /freebsd/sys/netinet/raw_ip.c /freebsd/sys/netinet/sctp_output.c /freebsd/sys/netinet/sctp_pcb.c /freebsd/sys/netinet/tcp_subr.c /freebsd/sys/netinet/udp_usrreq.c /freebsd/sys/netinet6/frag6.c /freebsd/sys/netinet6/ip6_var.h /freebsd/sys/netinet6/ip_fw_nat64.h /freebsd/sys/netipsec/ipsec.c /freebsd/sys/netipsec/ipsec.h /freebsd/sys/netipsec/ipsec_output.c /freebsd/sys/netpfil/ipfilter/netinet/fil.c /freebsd/sys/netpfil/ipfilter/netinet/ip_nat.c /freebsd/sys/netpfil/ipfw/ip_fw2.c /freebsd/sys/netpfil/ipfw/ip_fw_compat.c /freebsd/sys/netpfil/ipfw/ip_fw_dynamic.c /freebsd/sys/netpfil/ipfw/ip_fw_eaction.c /freebsd/sys/netpfil/ipfw/ip_fw_iface.c /freebsd/sys/netpfil/ipfw/ip_fw_log.c /freebsd/sys/netpfil/ipfw/ip_fw_nat.c /freebsd/sys/netpfil/ipfw/ip_fw_private.h /freebsd/sys/netpfil/ipfw/ip_fw_sockopt.c /freebsd/sys/netpfil/ipfw/ip_fw_table.c /freebsd/sys/netpfil/ipfw/ip_fw_table.h /freebsd/sys/netpfil/ipfw/ip_fw_table_algo.c /freebsd/sys/netpfil/ipfw/ip_fw_table_value.c /freebsd/sys/netpfil/ipfw/nat64/ip_fw_nat64.h /freebsd/sys/netpfil/ipfw/nat64/nat64_translate.c /freebsd/sys/netpfil/ipfw/nat64/nat64clat.c /freebsd/sys/netpfil/ipfw/nat64/nat64clat.h /freebsd/sys/netpfil/ipfw/nat64/nat64clat_control.c /freebsd/sys/netpfil/ipfw/nat64/nat64lsn.c /freebsd/sys/netpfil/ipfw/nat64/nat64lsn.h /freebsd/sys/netpfil/ipfw/nat64/nat64lsn_control.c /freebsd/sys/netpfil/ipfw/nat64/nat64stl.c /freebsd/sys/netpfil/ipfw/nat64/nat64stl.h /freebsd/sys/netpfil/ipfw/nat64/nat64stl_control.c /freebsd/sys/netpfil/ipfw/nptv6/nptv6.c /freebsd/sys/netpfil/ipfw/pmod/tcpmod.c /freebsd/sys/netpfil/pf/if_pfsync.c /freebsd/sys/netpfil/pf/pf.c /freebsd/sys/netpfil/pf/pf_ioctl.c /freebsd/sys/netpfil/pf/pf_norm.c /freebsd/sys/netpfil/pf/pf_table.c /freebsd/sys/netpfil/pf/pflow.c /freebsd/sys/riscv/allwinner/files.allwinner /freebsd/sys/riscv/conf/GENERIC /freebsd/sys/riscv/conf/std.allwinner /freebsd/sys/riscv/include/metadata.h /freebsd/sys/riscv/riscv/machdep.c /freebsd/sys/sys/efi_map.h /freebsd/sys/sys/param.h /freebsd/sys/sys/pctrie.h /freebsd/sys/sys/socket.h /freebsd/sys/ufs/ufs/ufs_dirhash.c /freebsd/sys/vm/device_pager.c /freebsd/sys/vm/vm_object.c /freebsd/tests/sys/net/if_wg.sh pf/nat64.py /freebsd/usr.sbin/wlanstats/Makefile /freebsd/usr.sbin/wlanstats/wlanstats.8
f32a2550	03-Mar-2025	Kristof Provost <kp@FreeBSD.org>	pf tests: test source-hash and random on empty table or interface without address Attempt to provoke the crashes fixed by the previous commit. Sponsored by: Rubicon Communications, LLC ("Netgate") /freebsd/share/man/man4/stf.4 /freebsd/share/man/man7/ports.7 /freebsd/sys/netpfil/pf/pf_lb.c pf/nat.sh
f8bd05ad	03-Mar-2025	Kristof Provost <kp@FreeBSD.org>	pf tests: add missing pflog_init to pflog:rdr_action Without it we tried to run the test even if pflog wasn't loaded. Sponsored by: Rubicon Communications, LLC ("Netgate") pf/pflog.sh
c46af893	03-Mar-2025	Jose Luis Duran <jlduran@FreeBSD.org>	tests: Require python3 when using Scapy python3 is a symbolic link that points to the current python 3.X version. It is possible for a system to have python (python 3.X) without the python3 (symlin tests: Require python3 when using Scapy python3 is a symbolic link that points to the current python 3.X version. It is possible for a system to have python (python 3.X) without the python3 (symlink) package. Test scripts that use Scapy are invoked using python3, so add it as a required program. Reviewed by: ngie, asomers Approved by: emaste (mentor) Differential Revision: https://reviews.freebsd.org/D49007 show more ... /freebsd/Makefile.inc1 /freebsd/bin/sh/sh.1 /freebsd/contrib/ntp/ntpd/ntp_io.c /freebsd/lib/libsys/open.2 /freebsd/release/Makefile.oci /freebsd/release/release.sh /freebsd/release/scripts/make-oci-image.sh /freebsd/release/scripts/pkg-stage.sh /freebsd/release/tools/oci-image-dynamic.conf /freebsd/release/tools/oci-image-minimal.conf /freebsd/release/tools/oci-image-static.conf /freebsd/release/tools/oracle.conf /freebsd/sbin/ifconfig/ifieee80211.c /freebsd/share/man/man4/Makefile /freebsd/share/man/man4/pci.4 /freebsd/share/man/man4/uath.4 /freebsd/share/man/man4/upgt.4 /freebsd/share/man/man9/Makefile /freebsd/share/man/man9/ifnet.9 /freebsd/sys/dev/ath/ath_rate/sample/sample.c /freebsd/sys/dev/ath/if_ath_tx_ht.c /freebsd/sys/dev/igc/igc_api.c /freebsd/sys/dev/ixgbe/ixgbe_mbx.c /freebsd/sys/net/route/route_ctl.c /freebsd/sys/net80211/ieee80211_ddb.c /freebsd/sys/netinet/cc/cc.c /freebsd/sys/netinet/cc/cc_cubic.c /freebsd/sys/netinet/cc/cc_dctcp.c /freebsd/sys/netinet/cc/cc_htcp.c /freebsd/sys/netinet/cc/cc_newreno.c /freebsd/sys/netinet/in.c /freebsd/sys/netinet/in.h /freebsd/sys/netinet/ip_icmp.c /freebsd/sys/netinet/ip_input.c /freebsd/sys/netinet/tcp_input.c /freebsd/sys/netinet/udp_usrreq.c /freebsd/sys/netlink/netlink_domain.c /freebsd/sys/sys/queue.h /freebsd/sys/vm/device_pager.c /freebsd/sys/vm/swap_pager.c /freebsd/sys/vm/vm_fault.c /freebsd/sys/vm/vm_kern.c /freebsd/sys/vm/vm_object.c /freebsd/sys/vm/vm_page.c /freebsd/sys/vm/vm_page.h /freebsd/sys/vm/vnode_pager.c /freebsd/sys/x86/iommu/amd_reg.h /freebsd/tests/sys/net/if_bridge_test.sh /freebsd/tests/sys/net/if_vlan.sh /freebsd/tests/sys/netinet/divert.sh /freebsd/tests/sys/netinet/forward.sh /freebsd/tests/sys/netinet/redirect.sh /freebsd/tests/sys/netinet6/divert.sh /freebsd/tests/sys/netinet6/exthdr.sh /freebsd/tests/sys/netinet6/forward6.sh /freebsd/tests/sys/netinet6/frag6/frag6.subr /freebsd/tests/sys/netinet6/mld.sh /freebsd/tests/sys/netinet6/ndp.sh /freebsd/tests/sys/netinet6/redirect.sh /freebsd/tests/sys/netinet6/scapyi386.sh common/forward.sh common/tos.sh pf/dup.sh pf/ether.sh pf/forward.sh pf/fragmentation_compat.sh pf/fragmentation_no_reassembly.sh pf/fragmentation_pass.sh pf/get_state.sh pf/icmp.sh pf/icmp6.sh pf/killstate.sh pf/max_states.sh pf/modulate.sh pf/pass_block.sh pf/pflog.sh pf/pflow.sh pf/pfsync.sh pf/route_to.sh pf/rtable.sh pf/scrub.sh pf/scrub_compat.sh pf/scrub_pass.sh pf/set_tos.sh pf/src_track.sh pf/syncookie.sh pf/tcp.sh /freebsd/tools/tools/net80211/wlanwatch/wlanwatch.c /freebsd/tools/tools/net80211/wlanwds/Makefile /freebsd/tools/tools/net80211/wlanwds/wlanwds.c /freebsd/usr.sbin/makefs/cd9660.h /freebsd/usr.sbin/makefs/cd9660/iso9660_rrip.c /freebsd/usr.sbin/makefs/cd9660/iso9660_rrip.h
f6f116cd	23-Feb-2025	Kajetan Staszkiewicz <ks@FreeBSD.org>	pf: Make af-to work on outbound interface Currently af-to works only on inbound interface by creating a reversed NAT state key which is used to match traffic returning on the outbound interface. Su pf: Make af-to work on outbound interface Currently af-to works only on inbound interface by creating a reversed NAT state key which is used to match traffic returning on the outbound interface. Such limitation is not necessary. When an af-to state is created for an outbound rule do not reverse the NAT state key, making it work just like if it was created for a normal NAT rule. Depending on firewall design it might be easier and more natural to use af-to on the outbound interface. Reviewed by: kp Approved by: kp (mentor) Sponsored by: InnoGames GmbH Differential Revision: https://reviews.freebsd.org/D49122 show more ... /freebsd/RELNOTES /freebsd/lib/libbe/be.c /freebsd/lib/libc/gen/fts.c /freebsd/lib/libifconfig/libifconfig_sfp.c /freebsd/lib/libmixer/mixer.c /freebsd/lib/libpmc/pmu-events/arch/x86/mapfile.csv /freebsd/share/man/man4/pcm.4 /freebsd/share/man/man4/snd_uaudio.4 /freebsd/share/mk/bsd.mkopt.mk /freebsd/sys/compat/linuxkpi/common/src/linux_80211.c /freebsd/sys/contrib/dev/iwlwifi/mvm/rs.c /freebsd/sys/contrib/dev/iwlwifi/mvm/rs.h /freebsd/sys/dev/ath/ath_rate/amrr/amrr.c /freebsd/sys/dev/ath/ath_rate/onoe/onoe.c /freebsd/sys/dev/ath/ath_rate/sample/sample.c /freebsd/sys/dev/bwi/if_bwi.c /freebsd/sys/dev/bwn/if_bwn.c /freebsd/sys/dev/cxgbe/adapter.h /freebsd/sys/dev/cxgbe/t4_clip.c /freebsd/sys/dev/cxgbe/t4_filter.c /freebsd/sys/dev/cxgbe/t4_main.c /freebsd/sys/dev/cxgbe/tom/t4_tom_l2t.c /freebsd/sys/dev/ipw/if_ipw.c /freebsd/sys/dev/iwi/if_iwi.c /freebsd/sys/dev/iwm/if_iwm.c /freebsd/sys/dev/iwn/if_iwn.c /freebsd/sys/dev/malo/if_malo.c /freebsd/sys/dev/mana/mana.h /freebsd/sys/dev/mana/mana_en.c /freebsd/sys/dev/mana/mana_sysctl.c /freebsd/sys/dev/mwl/if_mwl.c /freebsd/sys/dev/nvme/nvme_ctrlr.c /freebsd/sys/dev/otus/if_otus.c /freebsd/sys/dev/ral/rt2560.c /freebsd/sys/dev/ral/rt2661.c /freebsd/sys/dev/ral/rt2860.c /freebsd/sys/dev/rtwn/if_rtwn_tx.c /freebsd/sys/dev/sound/pcm/buffer.c /freebsd/sys/dev/sound/pcm/buffer.h /freebsd/sys/dev/sound/pcm/channel.c /freebsd/sys/dev/sound/pcm/channel.h /freebsd/sys/dev/sound/pcm/dsp.c /freebsd/sys/dev/sound/pcm/sound.c /freebsd/sys/dev/sound/pcm/sound.h /freebsd/sys/dev/sound/pcm/vchan.c /freebsd/sys/dev/sound/pcm/vchan.h /freebsd/sys/dev/sound/usb/uaudio.h /freebsd/sys/dev/usb/wlan/if_mtw.c /freebsd/sys/dev/usb/wlan/if_rsu.c /freebsd/sys/dev/usb/wlan/if_rum.c /freebsd/sys/dev/usb/wlan/if_run.c /freebsd/sys/dev/usb/wlan/if_uath.c /freebsd/sys/dev/usb/wlan/if_ural.c /freebsd/sys/dev/usb/wlan/if_zyd.c /freebsd/sys/dev/wpi/if_wpi.c /freebsd/sys/dev/wtap/if_wtap.c /freebsd/sys/net/ifdi_if.m /freebsd/sys/net/pfvar.h /freebsd/sys/net80211/ieee80211.c /freebsd/sys/net80211/ieee80211_adhoc.c /freebsd/sys/net80211/ieee80211_amrr.c /freebsd/sys/net80211/ieee80211_amrr.h /freebsd/sys/net80211/ieee80211_ddb.c /freebsd/sys/net80211/ieee80211_hostap.c /freebsd/sys/net80211/ieee80211_ht.c /freebsd/sys/net80211/ieee80211_ioctl.c /freebsd/sys/net80211/ieee80211_mesh.c /freebsd/sys/net80211/ieee80211_node.c /freebsd/sys/net80211/ieee80211_node.h /freebsd/sys/net80211/ieee80211_phy.c /freebsd/sys/net80211/ieee80211_phy.h /freebsd/sys/net80211/ieee80211_ratectl.h /freebsd/sys/net80211/ieee80211_ratectl_none.c /freebsd/sys/net80211/ieee80211_rssadapt.c /freebsd/sys/net80211/ieee80211_scan_sta.c /freebsd/sys/net80211/ieee80211_sta.c /freebsd/sys/net80211/ieee80211_superg.c /freebsd/sys/net80211/ieee80211_var.h /freebsd/sys/net80211/ieee80211_vht.c /freebsd/sys/net80211/ieee80211_vht.h /freebsd/sys/netinet/tcp_stacks/rack.c /freebsd/sys/netinet/tcp_stacks/tcp_rack.h /freebsd/sys/netinet/tcp_var.h /freebsd/sys/netpfil/pf/pf.c /freebsd/sys/netpfil/pf/pf_ioctl.c /freebsd/sys/netpfil/pf/pf_lb.c pf/nat64.sh /freebsd/usr.sbin/acpi/acpidump/acpi.c /freebsd/usr.sbin/ctld/Makefile /freebsd/usr.sbin/ctld/conf.c /freebsd/usr.sbin/ctld/conf.h /freebsd/usr.sbin/ctld/ctl.conf.5 /freebsd/usr.sbin/ctld/ctld.c /freebsd/usr.sbin/ctld/ctld.h /freebsd/usr.sbin/ctld/kernel.c /freebsd/usr.sbin/ctld/parse.y /freebsd/usr.sbin/ctld/uclparse.c
41265f65	21-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf: cope with IPv6 gateways for an IPv4 route in nat64 It's possible for an IPv4 next hop to be specified as an IPv6 address. This broke pf's route lookup in pf_route(), which is required for nat64. pf: cope with IPv6 gateways for an IPv4 route in nat64 It's possible for an IPv4 next hop to be specified as an IPv6 address. This broke pf's route lookup in pf_route(), which is required for nat64. Handle this case just like ip_tryforward(): use the struct sockaddr from the struct nhop_object, and mark a struct route to indicate if_output() has to use the gateway. Add a test case for this. PR: 284946 Reviewed by: zlei Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D49095 show more ... /freebsd/sys/netpfil/pf/pf.c pf/nat64.sh
9bdb3272	21-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf tests: remove stray debug log line Sponsored by: Rubicon Communications, LLC ("Netgate") /freebsd/.cirrus.yml /freebsd/bin/sh/sh.1 /freebsd/contrib/kyua/engine/scheduler.cpp /freebsd/contrib/kyua/engine/scheduler_test.cpp /freebsd/contrib/kyua/integration/cmd_test_test.sh /freebsd/contrib/kyua/integration/helpers/config.cpp /freebsd/crypto/openssh/sshd-session.c /freebsd/crypto/openssh/sshd.c /freebsd/lib/libc/gen/Makefile.inc /freebsd/lib/libc/gen/fdopendir.c /freebsd/lib/libc/gen/fts.c /freebsd/lib/libc/gen/opendir.c /freebsd/lib/libc/gen/opendir2.c /freebsd/lib/libc/gen/telldir.h /freebsd/lib/libsys/recv.2 /freebsd/libexec/rtld-elf/rtld-libc/Makefile.inc /freebsd/sbin/nvmecontrol/modules/intel/intel.c /freebsd/share/man/man4/bridge.4 /freebsd/share/man/man4/safe.4 /freebsd/share/man/man4/safexcel.4 /freebsd/share/man/man5/pf.conf.5 /freebsd/share/man/man9/style.9 /freebsd/stand/lua/drawer.lua /freebsd/sys/arm/conf/GENERIC.hints /freebsd/sys/arm64/conf/GENERIC.hints /freebsd/sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c /freebsd/sys/compat/linux/linux_futex.c /freebsd/sys/compat/linuxkpi/common/include/linux/nl80211.h /freebsd/sys/compat/linuxkpi/common/include/linux/skbuff.h /freebsd/sys/compat/linuxkpi/common/include/net/cfg80211.h /freebsd/sys/compat/linuxkpi/common/include/net/mac80211.h /freebsd/sys/compat/linuxkpi/common/src/linux_80211.c /freebsd/sys/compat/linuxkpi/common/src/linux_skbuff.c /freebsd/sys/dev/mana/mana.h /freebsd/sys/dev/mana/mana_en.c /freebsd/sys/dev/mana/mana_sysctl.c /freebsd/sys/fs/nfs/nfs_var.h /freebsd/sys/fs/nfsclient/nfs_clstate.c /freebsd/sys/fs/nfsclient/nfs_clvnops.c /freebsd/sys/fs/tmpfs/tmpfs_subr.c /freebsd/sys/kern/kern_umtx.c /freebsd/sys/kern/uipc_shm.c /freebsd/sys/net/if_infiniband.c /freebsd/sys/netgraph/netgraph.h /freebsd/sys/netinet/in.c /freebsd/sys/netinet/in.h /freebsd/sys/netinet/in_jail.c /freebsd/sys/netinet/in_pcb.c /freebsd/sys/netinet/in_pcb_var.h /freebsd/sys/netinet/in_rmx.c /freebsd/sys/netinet/ip_carp.c /freebsd/sys/netinet/ip_divert.c /freebsd/sys/netinet/ip_fastfwd.c /freebsd/sys/netinet/ip_icmp.c /freebsd/sys/netinet/ip_input.c /freebsd/sys/netinet/ip_output.c /freebsd/sys/netinet/sctp_os_bsd.h /freebsd/sys/netinet/sctp_output.c /freebsd/sys/netinet/sctp_pcb.c /freebsd/sys/netinet/sctputil.c /freebsd/sys/netinet/tcp_input.c /freebsd/sys/netinet/udp_usrreq.c /freebsd/sys/netpfil/pf/pf.c /freebsd/sys/netpfil/pf/pf_norm.c /freebsd/sys/riscv/conf/GENERIC.hints /freebsd/sys/sys/umtxvar.h /freebsd/sys/vm/vm_page.c /freebsd/sys/vm/vm_page.h /freebsd/tests/sys/netinet/Makefile /freebsd/tests/sys/netinet/broadcast.c /freebsd/tests/sys/netinet/carp.sh /freebsd/tests/sys/netinet/so_reuseport_lb_test.c pf/nat64.sh /freebsd/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c /freebsd/usr.sbin/usbconfig/dump.c /freebsd/usr.sbin/usbconfig/dump.h /freebsd/usr.sbin/usbconfig/usbconfig.8 /freebsd/usr.sbin/usbconfig/usbconfig.c
921c9c7b	14-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf tests: test new log(matches) behaviour Ensure that a log(matches, to pflog1) sends all future matches to pflog1. Sponsored by: Rubicon Communications, LLC ("Netgate") /freebsd/cddl/lib/pam_zfs_key/Makefile /freebsd/crypto/openssh/FREEBSD-upgrade /freebsd/lib/libefivar/FreeBSD-update /freebsd/lib/libefivar/efivar-dp-format.c /freebsd/lib/libefivar/efivar-dp-parse.c /freebsd/lib/libsys/statfs.2 /freebsd/sbin/pfctl/pfctl_table.c /freebsd/secure/lib/libssh/Makefile /freebsd/secure/libexec/sftp-server/Makefile /freebsd/secure/libexec/ssh-keysign/Makefile /freebsd/secure/libexec/ssh-pkcs11-helper/Makefile /freebsd/secure/libexec/sshd-session/Makefile /freebsd/secure/ssh.mk /freebsd/secure/usr.bin/scp/Makefile /freebsd/secure/usr.bin/sftp/Makefile /freebsd/secure/usr.bin/ssh-add/Makefile /freebsd/secure/usr.bin/ssh-agent/Makefile /freebsd/secure/usr.bin/ssh-keygen/Makefile /freebsd/secure/usr.bin/ssh-keyscan/Makefile /freebsd/secure/usr.bin/ssh/Makefile /freebsd/secure/usr.sbin/sshd/Makefile /freebsd/share/man/man5/pf.conf.5 /freebsd/stand/common/gfx_fb.c /freebsd/stand/efi/loader/framebuffer.c /freebsd/sys/arm/conf/ASUS_AC1300 /freebsd/sys/arm/qualcomm/std.ipq4018 /freebsd/sys/contrib/openzfs/cmd/zdb/zdb.c /freebsd/sys/contrib/openzfs/cmd/zpool/zpool_main.c /freebsd/sys/contrib/openzfs/config/kernel-automount.m4 /freebsd/sys/contrib/openzfs/config/kernel-vfs-iov_iter.m4 /freebsd/sys/contrib/openzfs/contrib/pam_zfs_key/pam_zfs_key.c /freebsd/sys/contrib/openzfs/include/os/freebsd/spl/sys/mod_os.h /freebsd/sys/contrib/openzfs/include/os/linux/spl/sys/uio.h /freebsd/sys/contrib/openzfs/include/sys/dnode.h /freebsd/sys/contrib/openzfs/include/sys/metaslab.h /freebsd/sys/contrib/openzfs/include/sys/metaslab_impl.h /freebsd/sys/contrib/openzfs/include/sys/range_tree.h /freebsd/sys/contrib/openzfs/include/sys/space_map.h /freebsd/sys/contrib/openzfs/include/sys/space_reftree.h /freebsd/sys/contrib/openzfs/include/sys/vdev.h /freebsd/sys/contrib/openzfs/include/sys/vdev_impl.h /freebsd/sys/contrib/openzfs/include/sys/vdev_raidz.h /freebsd/sys/contrib/openzfs/include/sys/vdev_rebuild.h /freebsd/sys/contrib/openzfs/include/sys/vdev_removal.h /freebsd/sys/contrib/openzfs/lib/libzfs/libzfs_dataset.c /freebsd/sys/contrib/openzfs/lib/libzfs/libzfs_sendrecv.c /freebsd/sys/contrib/openzfs/man/man4/zfs.4 /freebsd/sys/contrib/openzfs/man/man8/zfs-destroy.8 /freebsd/sys/contrib/openzfs/module/Kbuild.in /freebsd/sys/contrib/openzfs/module/Makefile.in /freebsd/sys/contrib/openzfs/module/os/freebsd/zfs/sysctl_os.c /freebsd/sys/contrib/openzfs/module/os/linux/spl/spl-kmem-cache.c /freebsd/sys/contrib/openzfs/module/os/linux/zfs/vdev_raidz.c /freebsd/sys/contrib/openzfs/module/os/linux/zfs/zfs_uio.c /freebsd/sys/contrib/openzfs/module/os/linux/zfs/zpl_ctldir.c /freebsd/sys/contrib/openzfs/module/os/linux/zfs/zvol_os.c /freebsd/sys/contrib/openzfs/module/zfs/arc.c /freebsd/sys/contrib/openzfs/module/zfs/dbuf.c /freebsd/sys/contrib/openzfs/module/zfs/dnode.c /freebsd/sys/contrib/openzfs/module/zfs/dnode_sync.c /freebsd/sys/contrib/openzfs/module/zfs/dsl_pool.c /freebsd/sys/contrib/openzfs/module/zfs/dsl_scan.c /freebsd/sys/contrib/openzfs/module/zfs/metaslab.c /freebsd/sys/contrib/openzfs/module/zfs/range_tree.c /freebsd/sys/contrib/openzfs/module/zfs/spa.c /freebsd/sys/contrib/openzfs/module/zfs/spa_checkpoint.c /freebsd/sys/contrib/openzfs/module/zfs/spa_log_spacemap.c /freebsd/sys/contrib/openzfs/module/zfs/space_map.c /freebsd/sys/contrib/openzfs/module/zfs/space_reftree.c /freebsd/sys/contrib/openzfs/module/zfs/vdev.c /freebsd/sys/contrib/openzfs/module/zfs/vdev_draid.c /freebsd/sys/contrib/openzfs/module/zfs/vdev_indirect.c /freebsd/sys/contrib/openzfs/module/zfs/vdev_initialize.c /freebsd/sys/contrib/openzfs/module/zfs/vdev_label.c /freebsd/sys/contrib/openzfs/module/zfs/vdev_raidz.c /freebsd/sys/contrib/openzfs/module/zfs/vdev_raidz_math.c /freebsd/sys/contrib/openzfs/module/zfs/vdev_rebuild.c /freebsd/sys/contrib/openzfs/module/zfs/vdev_removal.c /freebsd/sys/contrib/openzfs/module/zfs/vdev_trim.c /freebsd/sys/contrib/openzfs/module/zfs/zio.c /freebsd/sys/contrib/openzfs/tests/runfiles/freebsd.run /freebsd/sys/contrib/openzfs/tests/runfiles/linux.run /freebsd/sys/contrib/openzfs/tests/zfs-tests/tests/Makefile.am /freebsd/sys/contrib/openzfs/tests/zfs-tests/tests/functional/direct/dio_loopback_dev.ksh /freebsd/sys/contrib/openzfs/tests/zfs-tests/tests/functional/pam/cleanup.ksh /freebsd/sys/contrib/openzfs/tests/zfs-tests/tests/functional/pam/pam_mount_recursively.ksh /freebsd/sys/contrib/openzfs/tests/zfs-tests/tests/functional/rsend/send_encrypted_hierarchy.ksh /freebsd/sys/dev/nvmf/controller/ctl_frontend_nvmf.c /freebsd/sys/dev/nvmf/controller/nvmft_controller.c /freebsd/sys/dev/nvmf/controller/nvmft_var.h /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma.c /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma_debug.h /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma_desc.c /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma_desc.h /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma_gmac.c /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma_gmac.h /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma_hw.c /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma_hw.h /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma_reg.h /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma_rx.c /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma_rx.h /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma_tx.c /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma_tx.h /freebsd/sys/dev/qcom_ess_edma/qcom_ess_edma_var.h /freebsd/sys/modules/zfs/zfs_config.h /freebsd/sys/modules/zfs/zfs_gitrev.h /freebsd/sys/net/if_pflog.h /freebsd/sys/net/pfvar.h /freebsd/sys/net80211/ieee80211_crypto_ccmp.c /freebsd/sys/netinet/cc/cc_cubic.c /freebsd/sys/netinet/cc/cc_cubic.h /freebsd/sys/netpfil/pf/if_pflog.c /freebsd/sys/netpfil/pf/pf.c /freebsd/sys/netpfil/pf/pf_norm.c pf/pflog.sh /freebsd/usr.sbin/ctladm/ctladm.8 /freebsd/usr.sbin/ctladm/ctladm.c /freebsd/usr.sbin/wlanstats/Makefile
c2346c3d	13-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf: support source-hash and random with tables and dynifs, not just pools This finally allows to use source-hash for dynamic loadbalancing, eg. "rdr-to <hosts> source-hash", instead of just round-ro pf: support source-hash and random with tables and dynifs, not just pools This finally allows to use source-hash for dynamic loadbalancing, eg. "rdr-to <hosts> source-hash", instead of just round-robin and least-states. An older pre-siphash version of this diff was tested by many people. OK tedu@ benno@ Obtained from: OpenBSD, reyk <reyk@openbsd.org>, 252a05523f Sponsored by: Rubicon Communications, LLC ("Netgate") show more ... /freebsd/crypto/openssh/.depend /freebsd/crypto/openssh/.git_allowed_signers /freebsd/crypto/openssh/.git_allowed_signers.asc /freebsd/crypto/openssh/.github/ci-status.md /freebsd/crypto/openssh/.github/configs /freebsd/crypto/openssh/.github/run_test.sh /freebsd/crypto/openssh/.github/setup_ci.sh /freebsd/crypto/openssh/.github/workflows/c-cpp.yml /freebsd/crypto/openssh/.github/workflows/cifuzz.yml /freebsd/crypto/openssh/.github/workflows/selfhosted.yml /freebsd/crypto/openssh/.github/workflows/upstream.yml /freebsd/crypto/openssh/.gitignore /freebsd/crypto/openssh/.skipped-commit-ids /freebsd/crypto/openssh/ChangeLog /freebsd/crypto/openssh/LICENCE /freebsd/crypto/openssh/Makefile.in /freebsd/crypto/openssh/PROTOCOL.agent /freebsd/crypto/openssh/PROTOCOL.key /freebsd/crypto/openssh/README /freebsd/crypto/openssh/addr.c /freebsd/crypto/openssh/auth-pam.c /freebsd/crypto/openssh/auth-pam.h /freebsd/crypto/openssh/auth-rhosts.c /freebsd/crypto/openssh/auth.c /freebsd/crypto/openssh/auth.h /freebsd/crypto/openssh/auth2-gss.c /freebsd/crypto/openssh/auth2-hostbased.c /freebsd/crypto/openssh/auth2-kbdint.c /freebsd/crypto/openssh/auth2-methods.c /freebsd/crypto/openssh/auth2-none.c /freebsd/crypto/openssh/auth2-passwd.c /freebsd/crypto/openssh/auth2-pubkey.c /freebsd/crypto/openssh/auth2.c /freebsd/crypto/openssh/channels.c /freebsd/crypto/openssh/channels.h /freebsd/crypto/openssh/cipher.c /freebsd/crypto/openssh/clientloop.c /freebsd/crypto/openssh/clientloop.h /freebsd/crypto/openssh/config.h /freebsd/crypto/openssh/configure.ac /freebsd/crypto/openssh/contrib/redhat/openssh.spec /freebsd/crypto/openssh/contrib/ssh-copy-id /freebsd/crypto/openssh/contrib/ssh-copy-id.1 /freebsd/crypto/openssh/contrib/suse/openssh.spec /freebsd/crypto/openssh/crypto_api.h /freebsd/crypto/openssh/defines.h /freebsd/crypto/openssh/ed25519.sh /freebsd/crypto/openssh/gss-serv.c /freebsd/crypto/openssh/kex-names.c /freebsd/crypto/openssh/kex.c /freebsd/crypto/openssh/kex.h /freebsd/crypto/openssh/kexc25519.c /freebsd/crypto/openssh/kexgen.c /freebsd/crypto/openssh/kexgexs.c /freebsd/crypto/openssh/kexmlkem768x25519.c /freebsd/crypto/openssh/kexsntrup761x25519.c /freebsd/crypto/openssh/libcrux_mlkem768_sha3.h /freebsd/crypto/openssh/log.c /freebsd/crypto/openssh/log.h /freebsd/crypto/openssh/loginrec.c /freebsd/crypto/openssh/m4/openssh.m4 /freebsd/crypto/openssh/match.c /freebsd/crypto/openssh/misc.c /freebsd/crypto/openssh/misc.h /freebsd/crypto/openssh/mlkem768.sh /freebsd/crypto/openssh/moduli /freebsd/crypto/openssh/monitor.c /freebsd/crypto/openssh/monitor.h /freebsd/crypto/openssh/monitor_wrap.c /freebsd/crypto/openssh/monitor_wrap.h /freebsd/crypto/openssh/msg.c /freebsd/crypto/openssh/mux.c /freebsd/crypto/openssh/myproposal.h /freebsd/crypto/openssh/nchan.c /freebsd/crypto/openssh/openbsd-compat/arc4random.h /freebsd/crypto/openssh/openbsd-compat/getrrsetbyname.c /freebsd/crypto/openssh/openbsd-compat/openssl-compat.c /freebsd/crypto/openssh/openbsd-compat/openssl-compat.h /freebsd/crypto/openssh/openbsd-compat/port-linux.c /freebsd/crypto/openssh/openbsd-compat/port-linux.h /freebsd/crypto/openssh/packet.c /freebsd/crypto/openssh/packet.h /freebsd/crypto/openssh/pathnames.h /freebsd/crypto/openssh/platform-listen.c /freebsd/crypto/openssh/platform.c /freebsd/crypto/openssh/platform.h /freebsd/crypto/openssh/readconf.c /freebsd/crypto/openssh/readpass.c /freebsd/crypto/openssh/regress/Makefile /freebsd/crypto/openssh/regress/cfginclude.sh /freebsd/crypto/openssh/regress/cfgmatchlisten.sh /freebsd/crypto/openssh/regress/dropbear-ciphers.sh /freebsd/crypto/openssh/regress/dropbear-kex.sh /freebsd/crypto/openssh/regress/key-options.sh /freebsd/crypto/openssh/regress/misc/fuzz-harness/Makefile /freebsd/crypto/openssh/regress/misc/fuzz-harness/agent_fuzz_helper.c /freebsd/crypto/openssh/regress/misc/fuzz-harness/kex_fuzz.cc /freebsd/crypto/openssh/regress/misc/fuzz-harness/mkcorpus_sntrup761.c /freebsd/crypto/openssh/regress/misc/fuzz-harness/sig_fuzz.cc /freebsd/crypto/openssh/regress/misc/fuzz-harness/sntrup761_dec_fuzz.cc /freebsd/crypto/openssh/regress/misc/fuzz-harness/sntrup761_enc_fuzz.cc /freebsd/crypto/openssh/regress/misc/fuzz-harness/watch-sntrup761.sh /freebsd/crypto/openssh/regress/multiplex.sh /freebsd/crypto/openssh/regress/penalty-expire.sh /freebsd/crypto/openssh/regress/penalty.sh /freebsd/crypto/openssh/regress/percent.sh /freebsd/crypto/openssh/regress/rekey.sh /freebsd/crypto/openssh/regress/sftp-cmds.sh /freebsd/crypto/openssh/regress/test-exec.sh /freebsd/crypto/openssh/regress/unittests/kex/Makefile /freebsd/crypto/openssh/regress/unittests/kex/test_kex.c /freebsd/crypto/openssh/regress/unittests/sshkey/common.c /freebsd/crypto/openssh/regress/unittests/sshkey/test_file.c /freebsd/crypto/openssh/regress/unittests/sshkey/test_sshkey.c /freebsd/crypto/openssh/regress/unittests/test_helper/fuzz.c /freebsd/crypto/openssh/regress/yes-head.sh /freebsd/crypto/openssh/scp.c /freebsd/crypto/openssh/servconf.c /freebsd/crypto/openssh/servconf.h /freebsd/crypto/openssh/serverloop.c /freebsd/crypto/openssh/session.c /freebsd/crypto/openssh/sftp-client.c /freebsd/crypto/openssh/sftp-server.c /freebsd/crypto/openssh/sftp.c /freebsd/crypto/openssh/sntrup761.c /freebsd/crypto/openssh/sntrup761.sh /freebsd/crypto/openssh/srclimit.c /freebsd/crypto/openssh/srclimit.h /freebsd/crypto/openssh/ssh-add.1 /freebsd/crypto/openssh/ssh-add.c /freebsd/crypto/openssh/ssh-ecdsa-sk.c /freebsd/crypto/openssh/ssh-ecdsa.c /freebsd/crypto/openssh/ssh-gss.h /freebsd/crypto/openssh/ssh-keygen.1 /freebsd/crypto/openssh/ssh-keygen.c /freebsd/crypto/openssh/ssh-keyscan.1 /freebsd/crypto/openssh/ssh-keyscan.c /freebsd/crypto/openssh/ssh-keysign.8 /freebsd/crypto/openssh/ssh-keysign.c /freebsd/crypto/openssh/ssh-pkcs11-client.c /freebsd/crypto/openssh/ssh-pkcs11-helper.c /freebsd/crypto/openssh/ssh-pkcs11.c /freebsd/crypto/openssh/ssh-rsa.c /freebsd/crypto/openssh/ssh-sk.c /freebsd/crypto/openssh/ssh.1 /freebsd/crypto/openssh/ssh_api.c /freebsd/crypto/openssh/ssh_config.5 /freebsd/crypto/openssh/ssh_namespace.h /freebsd/crypto/openssh/sshbuf-getput-crypto.c /freebsd/crypto/openssh/sshbuf.c /freebsd/crypto/openssh/sshbuf.h /freebsd/crypto/openssh/sshconnect.c /freebsd/crypto/openssh/sshconnect.h /freebsd/crypto/openssh/sshconnect2.c /freebsd/crypto/openssh/sshd-session.c /freebsd/crypto/openssh/sshd.8 /freebsd/crypto/openssh/sshd.c /freebsd/crypto/openssh/sshd_config /freebsd/crypto/openssh/sshd_config.5 /freebsd/crypto/openssh/sshkey.c /freebsd/crypto/openssh/sshkey.h /freebsd/crypto/openssh/version.h /freebsd/lib/libc/stdlib/realpath.c /freebsd/lib/libsys/Makefile.sys /freebsd/lib/libsys/Symbol.map /freebsd/libexec/rtld-elf/rtld-libc/Makefile.inc /freebsd/release/scripts/pkg-stage.sh /freebsd/sbin/pfctl/parse.y /freebsd/secure/lib/libssh/Makefile /freebsd/secure/libexec/Makefile /freebsd/secure/libexec/sshd-session/Makefile /freebsd/secure/usr.sbin/sshd/Makefile /freebsd/share/man/man4/upgt.4 /freebsd/share/man/man5/pf.conf.5 /freebsd/sys/compat/linuxkpi/common/include/linux/fs.h /freebsd/sys/compat/linuxkpi/common/include/linux/pci.h /freebsd/sys/compat/linuxkpi/common/include/linux/shrinker.h /freebsd/sys/compat/linuxkpi/common/src/linux_compat.c /freebsd/sys/compat/linuxkpi/common/src/linux_shrinker.c /freebsd/sys/fs/nfsclient/nfs_clstate.c /freebsd/sys/netpfil/pf/pf.h /freebsd/sys/netpfil/pf/pf_lb.c /freebsd/sys/powerpc/aim/mmu_radix.c /freebsd/sys/sys/param.h /freebsd/sys/vm/vm_page.c /freebsd/sys/vm/vm_phys.c pf/nat64.sh
86f2641b	19-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf: fix icmp-in-icmp handling with if-bound states When we receive an ICMP packet containing another ICMP packet we look up the original ICMP state. This is done through a second struct pf_pdesc ('p pf: fix icmp-in-icmp handling with if-bound states When we receive an ICMP packet containing another ICMP packet we look up the original ICMP state. This is done through a second struct pf_pdesc ('pd2'), containing relevant information (i.e. addresses, type, id, ..). pd2 did not contain the network interface ('kif'), leading to state lookup failures. This only affected if-bound mode, because floating states match all interfaces. Set kif in pd2. Extend the icmp.py:test_fragmentation_needed test case to use if-bound mode. It already checked that we handled icmp-in-icmp correctly. PR: 284866 MFC after: 2 weeks Sponsored by: Rubicon Communications, LLC ("Netgate") show more ... /freebsd/Makefile.inc1 /freebsd/RELNOTES /freebsd/contrib/ntp/ntpd/ntp_io.c /freebsd/contrib/ntp/ntpd/ntp_proto.c /freebsd/crypto/openssh/krl.c /freebsd/crypto/openssh/packet.c /freebsd/crypto/openssh/ssh-agent.c /freebsd/crypto/openssh/ssh-sk-client.c /freebsd/crypto/openssh/sshconnect2.c /freebsd/crypto/openssh/sshsig.c /freebsd/libexec/rc/rc.d/ntpd /freebsd/libexec/rc/rc.d/var_run /freebsd/sbin/pfctl/parse.y /freebsd/sbin/pfctl/pfctl.c /freebsd/sbin/pfctl/pfctl_radix.c /freebsd/sys/amd64/include/vmm.h /freebsd/sys/amd64/vmm/amd/svm.c /freebsd/sys/amd64/vmm/intel/vmx.c /freebsd/sys/amd64/vmm/vmm.c /freebsd/sys/amd64/vmm/vmm_instruction_emul.c /freebsd/sys/amd64/vmm/vmm_mem_machdep.c /freebsd/sys/arm64/include/vmm.h /freebsd/sys/arm64/vmm/vmm.c /freebsd/sys/arm64/vmm/vmm_arm64.c /freebsd/sys/arm64/vmm/vmm_dev_machdep.c /freebsd/sys/compat/linuxkpi/common/include/net/mac80211.h /freebsd/sys/compat/linuxkpi/common/src/linux_80211.c /freebsd/sys/compat/linuxkpi/common/src/linux_80211.h /freebsd/sys/compat/linuxkpi/common/src/linux_80211_macops.c /freebsd/sys/conf/files.arm64 /freebsd/sys/conf/files.riscv /freebsd/sys/dev/sound/pci/hda/hdaa.c /freebsd/sys/dev/sound/pci/hda/hdac.h /freebsd/sys/dev/sound/pci/hda/hdacc.c /freebsd/sys/dev/sound/pcm/feeder_chain.c /freebsd/sys/dev/vmm/vmm_dev.c /freebsd/sys/dev/vmm/vmm_mem.c /freebsd/sys/dev/vmm/vmm_mem.h /freebsd/sys/fs/nfs/nfsclstate.h /freebsd/sys/fs/nfs/nfsproto.h /freebsd/sys/fs/nfsclient/nfs_clstate.c /freebsd/sys/kern/subr_pctrie.c /freebsd/sys/kern/syscalls.master /freebsd/sys/modules/vmm/Makefile /freebsd/sys/netinet/in.c /freebsd/sys/netinet/in.h /freebsd/sys/netinet/in_pcb.c /freebsd/sys/netinet/in_pcb.h /freebsd/sys/netinet/in_pcb_var.h /freebsd/sys/netinet/ip_output.c /freebsd/sys/netpfil/pf/if_pflog.c /freebsd/sys/netpfil/pf/pf.c /freebsd/sys/netpfil/pf/pf_ioctl.c /freebsd/sys/riscv/include/vmm.h /freebsd/sys/riscv/vmm/vmm.c /freebsd/sys/riscv/vmm/vmm_dev_machdep.c /freebsd/sys/riscv/vmm/vmm_riscv.c /freebsd/sys/tools/syscalls/core/freebsd-syscall.lua /freebsd/sys/tools/syscalls/examples/cpp/Makefile /freebsd/sys/tools/syscalls/examples/cpp/syscalls.conf /freebsd/sys/tools/syscalls/examples/cpp/syscalls.master /freebsd/sys/tools/syscalls/examples/cpp/test_proto.h /freebsd/sys/tools/syscalls/examples/cpp/test_syscall.h /freebsd/sys/tools/syscalls/examples/cpp/test_syscalls.c /freebsd/sys/tools/syscalls/examples/cpp/test_syscalls.map /freebsd/sys/tools/syscalls/examples/cpp/test_sysent.c /freebsd/sys/tools/syscalls/examples/cpp/test_systrace_args.c /freebsd/sys/tools/syscalls/scripts/init_sysent.lua /freebsd/sys/tools/syscalls/scripts/syscall_mk.lua /freebsd/sys/tools/syscalls/scripts/syscalls.lua /freebsd/sys/tools/syscalls/scripts/syscalls_map.lua /freebsd/sys/tools/syscalls/scripts/sysproto_h.lua /freebsd/sys/tools/syscalls/scripts/systrace_args.lua /freebsd/sys/tools/syscalls/tools/util.lua /freebsd/tests/sys/netinet/Makefile /freebsd/tests/sys/netinet/udp_bindings.c pf/icmp.py /freebsd/tests/sys/sound/pcm_read_write.c /freebsd/tools/boot/full-test.sh /freebsd/tools/regression/netinet/ipbroadcast/ipbroadcast.c /freebsd/usr.bin/shar/shar.sh /freebsd/usr.sbin/Makefile /freebsd/usr.sbin/wlanstats/Makefile /freebsd/usr.sbin/wlanstats/main.c /freebsd/usr.sbin/wlanstats/wlanstats.c /freebsd/usr.sbin/wlanstats/wlanstats.h
1f1963bd	17-Feb-2025	Jose Luis Duran <jlduran@FreeBSD.org>	pf tests: Remove Scapy as a required program Scapy is not needed to run this test. Remove it from the required programs list. Reviewed by: kp Approved by: emaste (mentor) MFC after: 1 week Differe pf tests: Remove Scapy as a required program Scapy is not needed to run this test. Remove it from the required programs list. Reviewed by: kp Approved by: emaste (mentor) MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D49006 show more ... /freebsd/tests/sys/netinet6/ndp.sh pf/rdr.sh
cf4a4e4f	17-Feb-2025	Jose Luis Duran <jlduran@FreeBSD.org>	pf tests: Add Scapy as a required program The utils.subr file includes a couple of subroutines (ping_dummy_check_request and ping_server_check_reply) that require Scapy. Add this requirement in the pf tests: Add Scapy as a required program The utils.subr file includes a couple of subroutines (ping_dummy_check_request and ping_server_check_reply) that require Scapy. Add this requirement in the header of each test that makes use of them. Reported by: Jenkins Reviewed by: kp Approved by: emaste (mentor) Fixes: 07e070ef0869 ("pf: Add support for multiple source node types") Differential Revision: https://reviews.freebsd.org/D49004 show more ... /freebsd/UPDATING /freebsd/sbin/ifconfig/ifieee80211.c /freebsd/sbin/pfctl/parse.y /freebsd/share/man/man5/style.mdoc.5 /freebsd/sys/arm/arm/generic_timer.c /freebsd/sys/arm64/arm64/identcpu.c /freebsd/sys/arm64/arm64/locore.S /freebsd/sys/arm64/include/armreg.h /freebsd/sys/arm64/include/asm.h /freebsd/sys/arm64/include/elf.h /freebsd/sys/compat/linuxkpi/common/include/linux/ieee80211.h /freebsd/sys/compat/linuxkpi/common/include/linux/nl80211.h /freebsd/sys/compat/linuxkpi/common/include/linux/skbuff.h /freebsd/sys/compat/linuxkpi/common/include/net/cfg80211.h /freebsd/sys/compat/linuxkpi/common/include/net/mac80211.h /freebsd/sys/compat/linuxkpi/common/src/linux_80211.c /freebsd/sys/compat/linuxkpi/common/src/linux_80211.h /freebsd/sys/compat/linuxkpi/common/src/linux_80211_macops.c /freebsd/sys/conf/files /freebsd/sys/dev/etherswitch/ar40xx/ar40xx_phy.c /freebsd/sys/dev/flash/w25n.c /freebsd/sys/dev/flash/w25nreg.h /freebsd/sys/dev/sdhci/sdhci_fdt_rockchip.c /freebsd/sys/fs/nfs/nfs_commonkrpc.c /freebsd/sys/fs/nfs/nfs_var.h /freebsd/sys/fs/nfs/nfsclstate.h /freebsd/sys/fs/nfsclient/nfs_clstate.c /freebsd/sys/kern/kern_umtx.c /freebsd/sys/kern/subr_pctrie.c /freebsd/sys/libkern/strdup.c /freebsd/sys/libkern/strndup.c /freebsd/sys/net80211/_ieee80211.h /freebsd/sys/net80211/ieee80211.h /freebsd/sys/net80211/ieee80211_crypto_ccmp.c /freebsd/sys/net80211/ieee80211_node.c /freebsd/sys/net80211/ieee80211_var.h /freebsd/sys/netpfil/pf/if_pflog.c /freebsd/sys/netpfil/pf/pf.c /freebsd/sys/sys/param.h /freebsd/sys/sys/pctrie.h /freebsd/sys/vm/vm_object.c pf/src_track.sh
26a7be91	11-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf tests: basic 'any' interface test case Sponsored by: Rubicon Communications, LLC ("Netgate") /freebsd/sbin/pfctl/parse.y /freebsd/share/man/man3/queue.3 /freebsd/share/man/man4/pf.4 /freebsd/share/man/man5/pf.conf.5 /freebsd/sys/kern/kern_ktrace.c /freebsd/sys/modules/vmm/Makefile /freebsd/sys/net/pfvar.h /freebsd/sys/netpfil/pf/pf_if.c /freebsd/sys/netpfil/pf/pf_table.c /freebsd/sys/sys/queue.h pf/pass_block.sh /freebsd/tools/tools/fib_multibind/sink.c /freebsd/usr.bin/limits/tests/limits_test.sh /freebsd/usr.sbin/bhyve/pci_passthru.c
685fb425	14-Feb-2025	Franco Fichtner <franco@opnsense.org>	pf: Log the intended action when a NAT rule matches a packet When a packet matches a binat/nat/rdr rule, pf logs the match. The log metadata includes the rule's action on the packet, e.g., PF_PASS. pf: Log the intended action when a NAT rule matches a packet When a packet matches a binat/nat/rdr rule, pf logs the match. The log metadata includes the rule's action on the packet, e.g., PF_PASS. NAT rules have their own actions: PF_BINAT, PF_NAT, PF_RDR. Before commit 948e8413aba0 ("pflog: pass the action to pflog directly"), pflog_packet() would obtain the action from the rule definition, whereas after that commit the action is passed as a parameter. When a NAT rule matches, we want to log the rule action, but after that commit, PF_PASS is hard-coded. Restore the previous behaviour. Add a regression test which installs a redirect, logs packets matching the redirect rule, and verifies that the corresponding pflog entry includes the correct action. Reviewed by: kp Fixes: 948e8413aba0 ("pflog: pass the action to pflog directly") MFC after: 2 weeks Sponsored by: Klara, Inc. Sponsored by: OPNsense Differential Revision: https://reviews.freebsd.org/D48911 show more ... /freebsd/ObsoleteFiles.inc /freebsd/sys/dev/bnxt/bnxt_en/bnxt.h /freebsd/sys/dev/bnxt/bnxt_en/bnxt_dcb.c /freebsd/sys/dev/bnxt/bnxt_en/bnxt_mgmt.c /freebsd/sys/dev/bnxt/bnxt_en/bnxt_sysctl.c /freebsd/sys/dev/cxgb/cxgb_main.c /freebsd/sys/dev/cxgbe/adapter.h /freebsd/sys/dev/cxgbe/t4_l2t.c /freebsd/sys/dev/cxgbe/t4_l2t.h /freebsd/sys/dev/cxgbe/t4_main.c /freebsd/sys/dev/cxgbe/tom/t4_tom_l2t.c /freebsd/sys/dev/e1000/e1000_defines.h /freebsd/sys/dev/e1000/em_txrx.c /freebsd/sys/dev/gve/gve.h /freebsd/sys/dev/gve/gve_desc.h /freebsd/sys/dev/gve/gve_main.c /freebsd/sys/dev/gve/gve_rx.c /freebsd/sys/dev/gve/gve_rx_dqo.c /freebsd/sys/dev/gve/gve_sysctl.c /freebsd/sys/dev/gve/gve_tx.c /freebsd/sys/dev/gve/gve_tx_dqo.c /freebsd/sys/dev/igc/igc_defines.h /freebsd/sys/dev/usb/wlan/if_mtw.c /freebsd/sys/netpfil/pf/pf.c pf/pflog.sh /freebsd/usr.sbin/jls/jls.8 /freebsd/usr.sbin/jls/jls.c
07e070ef	07-Feb-2025	Kajetan Staszkiewicz <ks@FreeBSD.org>	pf: Add support for multiple source node types For every state pf creates up to two source nodes: a limiting one struct pf_kstate -> src_node and a NAT one struct pf_kstate -> nat_src_node. The limi pf: Add support for multiple source node types For every state pf creates up to two source nodes: a limiting one struct pf_kstate -> src_node and a NAT one struct pf_kstate -> nat_src_node. The limiting source node is tracking information needed for limits using max-src-states and max-src-nodes and the NAT source node is tracking NAT rules only. On closer inspection some issues emerge: - For route-to rules the redirection decision is stored in the limiting source node. Thus sticky-address and source limiting can't be used separately. - Global source tracking, as promised in the man page, is totally absent from the code. Pfctl is capable of setting flags PFRULE_SRCTRACK (enable source tracking) and PFRULE_RULESRCTRACK (make source tracking per rule). The kernel code checks PFRULE_SRCTRACK but ignores PFRULE_RULESRCTRACK. That makes source tracking work per-rule only. This patch is based on OpenBSD approach where source nodes have a type and each state has an array of source node pointers indexed by source node type instead of just two pointers. The conditions for limiting are applied only to source nodes of PF_SN_LIMIT type. For global limit tracking source nodes are attached to the default rule. Reviewed by: kp Approved by: kp (mentor) Sponsored by: InnoGames GmbH Differential Revision: https://reviews.freebsd.org/D39880 show more ... /freebsd/lib/libpfctl/libpfctl.c /freebsd/lib/libpfctl/libpfctl.h /freebsd/sbin/pfctl/pf_print_state.c /freebsd/sbin/pfctl/pfctl.c /freebsd/sbin/pfctl/pfctl_parser.c /freebsd/sys/net/pfvar.h /freebsd/sys/netpfil/pf/pf.c /freebsd/sys/netpfil/pf/pf.h /freebsd/sys/netpfil/pf/pf_ioctl.c /freebsd/sys/netpfil/pf/pf_lb.c /freebsd/sys/netpfil/pf/pf_nl.c /freebsd/sys/netpfil/pf/pf_nl.h /freebsd/sys/netpfil/pf/pf_nv.c /freebsd/sys/powerpc/powerpc/platform.c pf/src_track.sh
26fb3871	10-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf tests: add basic ! received-on test case Sponsored by: Rubicon Communications, LLC ("Netgate") /freebsd/lib/libpfctl/libpfctl.c /freebsd/lib/libpfctl/libpfctl.h /freebsd/sbin/pfctl/parse.y /freebsd/sbin/pfctl/pfctl_parser.c /freebsd/share/man/man5/pf.conf.5 /freebsd/sys/net/pfvar.h /freebsd/sys/netpfil/pf/pf.c /freebsd/sys/netpfil/pf/pf_ioctl.c /freebsd/sys/netpfil/pf/pf_nl.c /freebsd/sys/netpfil/pf/pf_nl.h pf/pass_block.sh
90ef7a0b	10-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf tests: test 'quick' for match rules Sponsored by: Rubicon Communications, LLC ("Netgate") /freebsd/lib/libsys/recv.2 /freebsd/sbin/pfctl/parse.y /freebsd/sbin/pfctl/pfctl.8 /freebsd/sbin/pfctl/pfctl_parser.c /freebsd/sbin/pfctl/pfctl_parser.h /freebsd/share/man/man5/pf.conf.5 /freebsd/sys/dev/mlx5/mlx5_accel/mlx5_ipsec.c /freebsd/sys/dev/mlx5/mlx5_core/mlx5_cmd.c /freebsd/sys/dev/usb/wlan/if_mtw.c /freebsd/sys/netinet/cc/cc_cubic.c /freebsd/sys/netpfil/pf/pf.c /freebsd/sys/netpfil/pf/pf.h /freebsd/sys/netpfil/pf/pf_norm.c pf/match.sh
e736f6df	12-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf tests: fix test skipping when pf is not loaded Two test cases in table.sh didn't call pft_init and thus didn't skip if pf is not loaded. The fragmentation_pass:v6_route_to test had the test body pf tests: fix test skipping when pf is not loaded Two test cases in table.sh didn't call pft_init and thus didn't skip if pf is not loaded. The fragmentation_pass:v6_route_to test had the test body in the cleanup function, so got run even when pf was not loaded. Sponsored by: Rubicon Communications, LLC ("Netgate") show more ... pf/fragmentation_pass.sh pf/table.sh
d11a1965	06-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf tests: verify that table counters work on match rules Sponsored by: Rubicon Communications, LLC ("Netgate") /freebsd/sys/dev/usb/wlan/if_uath.c /freebsd/sys/net/pfvar.h /freebsd/sys/netpfil/pf/pf.c /freebsd/sys/netpfil/pf/pf_norm.c pf/table.sh /freebsd/usr.sbin/ctld/ctld.c /freebsd/usr.sbin/ctld/ctld.h /freebsd/usr.sbin/ctld/discovery.c /freebsd/usr.sbin/ctld/kernel.c /freebsd/usr.sbin/ctld/login.c /freebsd/usr.sbin/ctld/parse.y /freebsd/usr.sbin/ctld/uclparse.c /freebsd/usr.sbin/syslogd/tests/syslogd_test.sh /freebsd/usr.sbin/syslogd/tests/syslogd_test_common.sh
65cc5af1	12-Feb-2025	Jose Luis Duran <jlduran@FreeBSD.org>	sys tests: Add scapy as a required program These atf-python tests rely on scapy to run. Add it as a required program. Reported by: glebius, kp Reviewed by: kp Approved by: emaste (mentor) MFC after sys tests: Add scapy as a required program These atf-python tests rely on scapy to run. Add it as a required program. Reported by: glebius, kp Reviewed by: kp Approved by: emaste (mentor) MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D48946 show more ... /freebsd/tests/sys/netinet/carp.py /freebsd/tests/sys/netinet/igmp.py pf/frag6.py pf/icmp.py pf/nat64.py pf/nat66.py
6c795ce1	05-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf tests: verify that a nested anchor does not clear the quick flag Sponsored by: Rubicon Communications, LLC ("Netgate") /freebsd/crypto/openssh/config.h /freebsd/sbin/pfctl/pfctl.8 /freebsd/sbin/pfctl/pfctl_parser.c /freebsd/share/man/man9/make_dev.9 /freebsd/share/mk/Makefile /freebsd/share/mk/local.sys.env.mk /freebsd/sys/fs/nfs/nfs_commonkrpc.c /freebsd/sys/fs/nfs/nfs_commonsubs.c /freebsd/sys/net/pfvar.h /freebsd/sys/netpfil/pf/pf.c /freebsd/sys/netpfil/pf/pf.h /freebsd/sys/netpfil/pf/pf_lb.c /freebsd/tests/sys/kern/unix_stream.c pf/anchor.sh /freebsd/usr.bin/sockstat/sockstat.1 /freebsd/usr.bin/sockstat/sockstat.c
e295e0b8	11-Feb-2025	Jose Luis Duran <jlduran@FreeBSD.org>	tests: Add scapy as a required program The utils.subr file includes a couple of subroutines (ping_dummy_check_request and ping_server_check_reply) that require scapy. Add this requirement in the he tests: Add scapy as a required program The utils.subr file includes a couple of subroutines (ping_dummy_check_request and ping_server_check_reply) that require scapy. Add this requirement in the header of each test that makes use of them. Reported by: Jenkins Reviewed by: kp, ngie Approved by: emaste (mentor) Differential Revision: https://reviews.freebsd.org/D48917 show more ... /freebsd/lib/geom/part/gpart.8 /freebsd/libexec/tftpd/tests/Makefile /freebsd/sbin/newfs_msdos/Makefile /freebsd/share/man/man5/pf.conf.5 /freebsd/share/mk/bsd.sys.mk /freebsd/sys/conf/kern.mk /freebsd/sys/dev/iavf/iavf_lib.c /freebsd/sys/dev/iavf/iavf_lib.h /freebsd/sys/dev/iavf/if_iavf_iflib.c /freebsd/sys/dev/pci/pci.c /freebsd/sys/dev/pci/pcireg.h /freebsd/sys/dev/pci/pcivar.h pf/fragmentation_pass.sh pf/max_states.sh pf/route_to.sh pf/src_track.sh /freebsd/usr.bin/sort/Makefile /freebsd/usr.bin/zstd/Makefile /freebsd/usr.sbin/makefs/Makefile
db100bd9	04-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf tests: add more fragmentation test cases Add more test cases for pf fragment hole counter. Also look into final fragment of echo reply and check total length of IP packet. MFC after: 1 week Obt pf tests: add more fragmentation test cases Add more test cases for pf fragment hole counter. Also look into final fragment of echo reply and check total length of IP packet. MFC after: 1 week Obtained from: OpenBSD, bluhm <bluhm@openbsd.org>, 640736615b Sponsored by: Rubicon Communications, LLC ("Netgate") show more ... /freebsd/ObsoleteFiles.inc /freebsd/RELNOTES /freebsd/bin/csh/Makefile /freebsd/contrib/mandoc/mdoc.7 /freebsd/contrib/netbsd-tests/usr.bin/grep/t_grep.sh /freebsd/contrib/one-true-awk/FIXES /freebsd/contrib/one-true-awk/lex.c /freebsd/contrib/one-true-awk/lib.c /freebsd/contrib/one-true-awk/main.c /freebsd/contrib/one-true-awk/run.c /freebsd/contrib/one-true-awk/testdir/T.errmsg /freebsd/contrib/one-true-awk/testdir/T.misc /freebsd/crypto/openssh/config.h /freebsd/lib/libpfctl/libpfctl.c /freebsd/lib/libpfctl/libpfctl.h /freebsd/lib/libsys/getsockopt.2 /freebsd/lib/libvmmapi/vmmapi.c /freebsd/libexec/rc/rc.d/iovctl /freebsd/libexec/rc/rc.subr /freebsd/sbin/ipfw/ipfw2.c /freebsd/sbin/pfctl/pfctl.c /freebsd/sbin/pfctl/pfctl.h /freebsd/sbin/pfctl/pfctl_parser.c /freebsd/sbin/pfctl/pfctl_radix.c /freebsd/sbin/pfctl/pfctl_table.c /freebsd/secure/lib/libssh/Makefile /freebsd/secure/ssh.mk /freebsd/secure/usr.bin/ssh/Makefile /freebsd/secure/usr.sbin/sshd/Makefile /freebsd/share/man/man4/Makefile /freebsd/share/man/man4/tcp.4 /freebsd/share/man/man4/tty.4 /freebsd/share/man/man4/udp.4 /freebsd/share/man/man7/arch.7 /freebsd/share/man/man9/Makefile /freebsd/share/misc/committers-ports.dot /freebsd/share/mk/auto.obj.mk /freebsd/share/mk/dirdeps-targets.mk /freebsd/share/mk/dirdeps.mk /freebsd/share/mk/gendirdeps.mk /freebsd/share/mk/meta.sys.mk /freebsd/share/mk/meta2deps.py /freebsd/share/mk/src.libnames.mk /freebsd/share/mk/sys.dependfile.mk /freebsd/share/vt/keymaps/INDEX.keymaps /freebsd/share/vt/keymaps/Makefile /freebsd/share/vt/keymaps/ca-multi.kbd /freebsd/stand/defaults/loader.conf.5 /freebsd/sys/arm/rockchip/files.rk32xx /freebsd/sys/arm64/conf/std.xilinx /freebsd/sys/arm64/include/bus.h /freebsd/sys/cam/scsi/scsi_cd.c /freebsd/sys/cam/scsi/scsi_da.c /freebsd/sys/compat/linuxkpi/common/include/linux/cc_platform.h /freebsd/sys/conf/files.arm64 /freebsd/sys/dev/cxgbe/tom/t4_tom.c /freebsd/sys/dev/iicbus/acpi_iicbus.c /freebsd/sys/dev/ixgbe/if_ix.c /freebsd/sys/dev/ixgbe/ixgbe_82599.c /freebsd/sys/dev/ixgbe/ixgbe_osdep.c /freebsd/sys/dev/ixgbe/ixgbe_osdep.h /freebsd/sys/dev/ixgbe/ixgbe_phy.c /freebsd/sys/dev/ixgbe/ixgbe_phy.h /freebsd/sys/dev/ixgbe/ixgbe_type.h /freebsd/sys/dev/ixgbe/ixgbe_x550.c /freebsd/sys/dev/mlx5/mlx5_accel/mlx5_ipsec.c /freebsd/sys/dev/sdhci/sdhci_fdt.c /freebsd/sys/dev/sdhci/sdhci_fdt.h /freebsd/sys/dev/sdhci/sdhci_fdt_rockchip.c /freebsd/sys/dev/sdhci/sdhci_fdt_xilinx.c /freebsd/sys/kern/kern_sysctl.c /freebsd/sys/kern/subr_pctrie.c /freebsd/sys/kern/sys_socket.c /freebsd/sys/kern/uipc_domain.c /freebsd/sys/kern/uipc_socket.c /freebsd/sys/kern/uipc_usrreq.c /freebsd/sys/modules/usb/mtw/Makefile /freebsd/sys/net/ieee8023ad_lacp.c /freebsd/sys/net/if.c /freebsd/sys/net/if_media.h /freebsd/sys/net/pfvar.h /freebsd/sys/net/rtsock.c /freebsd/sys/netinet/in_pcb.c /freebsd/sys/netinet/in_pcb.h /freebsd/sys/netinet/in_pcb_var.h /freebsd/sys/netinet/ip_icmp.c /freebsd/sys/netinet/ip_mroute.c /freebsd/sys/netinet/ip_output.c /freebsd/sys/netinet/raw_ip.c /freebsd/sys/netinet/tcp_input.c /freebsd/sys/netinet/tcp_usrreq.c /freebsd/sys/netinet/tcp_var.h /freebsd/sys/netinet/udp_usrreq.c /freebsd/sys/netinet/udp_var.h /freebsd/sys/netinet6/icmp6.c /freebsd/sys/netinet6/in6_pcb.c /freebsd/sys/netinet6/in6_pcb.h /freebsd/sys/netinet6/ip6_output.c /freebsd/sys/netinet6/nd6.c /freebsd/sys/netinet6/raw_ip6.c /freebsd/sys/netinet6/udp6_usrreq.c /freebsd/sys/netpfil/ipfw/ip_fw_table_value.c /freebsd/sys/netpfil/pf/pf.c /freebsd/sys/netpfil/pf/pf_ioctl.c /freebsd/sys/netpfil/pf/pf_lb.c /freebsd/sys/netpfil/pf/pf_nl.c /freebsd/sys/netpfil/pf/pf_nl.h /freebsd/sys/netpfil/pf/pf_norm.c /freebsd/sys/powerpc/powerpc/busdma_machdep.c /freebsd/sys/security/audit/audit.c /freebsd/sys/security/mac_biba/mac_biba.c /freebsd/sys/security/mac_lomac/mac_lomac.c /freebsd/sys/sys/pctrie.h /freebsd/sys/sys/socket.h /freebsd/sys/sys/socketvar.h /freebsd/tests/sys/kern/unix_stream.c /freebsd/tests/sys/netinet/Makefile /freebsd/tests/sys/netinet/fibs_multibind_test.c pf/Makefile pf/frag-adjhole.py pf/frag-overhole.py pf/fragmentation_pass.sh /freebsd/tests/sys/vmm/vmm_cred_jail.sh /freebsd/tools/tools/fib_multibind/Makefile /freebsd/tools/tools/fib_multibind/sink.c /freebsd/usr.bin/grep/zgrep.sh /freebsd/usr.sbin/config/config.5
0cd95355	05-Feb-2025	Kristof Provost <kp@FreeBSD.org>	pf tests: extend set-tos test Verify that we can set-tos on pass rules, and that this still works even if a 'scrub' option is present on the pass rule. Sponsored by: Rubicon Communications, LLC ("N pf tests: extend set-tos test Verify that we can set-tos on pass rules, and that this still works even if a 'scrub' option is present on the pass rule. Sponsored by: Rubicon Communications, LLC ("Netgate") show more ... /freebsd/ObsoleteFiles.inc /freebsd/etc/mtree/BSD.debug.dist /freebsd/libexec/rtld-elf/rtld.c /freebsd/sbin/ipf/ipnat/ipnat.5 /freebsd/share/man/man9/BUS_HINTED_CHILD.9 /freebsd/share/man/man9/DEVICE_ATTACH.9 /freebsd/share/man/man9/DEVICE_IDENTIFY.9 /freebsd/share/man/man9/Makefile /freebsd/share/man/man9/bus_attach_children.9 /freebsd/share/man/man9/bus_generic_detach.9 /freebsd/share/man/man9/bus_generic_print_child.9 /freebsd/share/man/man9/device_delete_child.9 /freebsd/share/man/man9/device_probe_and_attach.9 /freebsd/share/mk/bsd.README /freebsd/share/mk/bsd.lib.mk /freebsd/sys/arm64/arm64/efirt_support.S /freebsd/sys/dev/hptrr/hptrr_osm_bsd.c /freebsd/sys/dev/mlx4/mlx4_core/mlx4_cmd.c /freebsd/sys/dev/mpt/mpt.c /freebsd/sys/dev/mpt/mpt_cam.c /freebsd/sys/kern/bus_if.m /freebsd/sys/kern/subr_bus.c /freebsd/sys/kern/vfs_subr.c /freebsd/sys/kern/vfs_syscalls.c /freebsd/sys/modules/efirt/Makefile /freebsd/sys/netinet/ip_carp.c /freebsd/sys/netinet/libalias/libalias.3 /freebsd/sys/netlink/netlink_ctl.h /freebsd/sys/netlink/netlink_domain.c /freebsd/sys/netlink/netlink_generic.c /freebsd/sys/netlink/netlink_glue.c /freebsd/sys/netlink/netlink_io.c /freebsd/sys/netlink/netlink_module.c /freebsd/sys/netlink/netlink_sysevent.c /freebsd/sys/netlink/netlink_var.h /freebsd/sys/netlink/route/iface.c /freebsd/sys/netpfil/pf/pf_nl.c /freebsd/sys/netpfil/pf/pf_norm.c /freebsd/sys/netpfil/pf/pflow.c /freebsd/sys/riscv/vmm/riscv.h /freebsd/sys/riscv/vmm/vmm_aplic.c /freebsd/sys/riscv/vmm/vmm_riscv.c /freebsd/sys/riscv/vmm/vmm_sbi.c /freebsd/sys/rpc/clnt_nl.c /freebsd/sys/sys/bus.h /freebsd/sys/tests/ktest.c /freebsd/sys/x86/x86/cpu_machdep.c /freebsd/sys/x86/x86/local_apic.c pf/set_tos.sh /freebsd/tools/boot/ci-qemu-test.sh /freebsd/usr.sbin/bhyve/riscv/vmexit.c /freebsd/usr.sbin/ctladm/ctladm.c /freebsd/usr.sbin/ctld/ctld.c /freebsd/usr.sbin/ctld/ctld.h /freebsd/usr.sbin/ctld/kernel.c /freebsd/usr.sbin/ctld/login.c /freebsd/usr.sbin/ctld/uclparse.c /freebsd/usr.sbin/mptutil/mpt_config.c /freebsd/usr.sbin/ppp/ppp.8
12 3 4 5 6 7 8 9 10 >>...16