Date: Thu, 19 Oct 2023 12:37:44 +0000 From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 272770] "divert-to" rule creates packet loops on all FreeBSD 11.0 to 14.0 CURRENT versions Message-ID: <bug-272770-16861-rYnisHpBxF@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-272770-16861@https.bugs.freebsd.org/bugzilla/> References: <bug-272770-16861@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272770 --- Comment #2 from commit-hook@FreeBSD.org --- A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3Dfabf705f4b5aff2fa2dc997c2d0afd62a= 6927e68 commit fabf705f4b5aff2fa2dc997c2d0afd62a6927e68 Author: Igor Ostapenko <pm@igoro.pro> AuthorDate: 2023-10-19 10:12:15 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2023-10-19 10:12:15 +0000 pf: fix pf divert-to loop Resolved conflict between ipfw and pf if both are used and pf wants to do divert(4) by having separate mtags for pf and ipfw. Also fix the incorrect 'rulenum' check, which caused the reported loop. While here add a few test cases to ensure that divert-to works as expected, even if ipfw is loaded. divert(4) PR: 272770 MFC after: 3 weeks Reviewed by: kp Differential Revision: https://reviews.freebsd.org/D42142 sys/netinet/ip_divert.c | 31 ++- sys/netinet/ip_var.h | 10 + sys/netpfil/pf/pf.c | 32 ++- tests/sys/netpfil/pf/Makefile | 4 + tests/sys/netpfil/pf/divapp.c (new) | 149 ++++++++++++ tests/sys/netpfil/pf/divert-to.sh (new) | 413 ++++++++++++++++++++++++++++= ++++ 6 files changed, 625 insertions(+), 14 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-272770-16861-rYnisHpBxF>