From owner-svn-src-all@freebsd.org Fri Jul 12 00:35:45 2019 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E1AD715E20E2; Fri, 12 Jul 2019 00:35:44 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 78F037297F; Fri, 12 Jul 2019 00:35:44 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5A0556B28; Fri, 12 Jul 2019 00:35:44 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x6C0Ziih071848; Fri, 12 Jul 2019 00:35:44 GMT (envelope-from cy@FreeBSD.org) Received: (from cy@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x6C0ZijI071847; Fri, 12 Jul 2019 00:35:44 GMT (envelope-from cy@FreeBSD.org) Message-Id: <201907120035.x6C0ZijI071847@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cy set sender to cy@FreeBSD.org using -f From: Cy Schubert Date: Fri, 12 Jul 2019 00:35:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org Subject: svn commit: r349926 - stable/12/sys/contrib/ipfilter/netinet X-SVN-Group: stable-12 X-SVN-Commit-Author: cy X-SVN-Commit-Paths: stable/12/sys/contrib/ipfilter/netinet X-SVN-Commit-Revision: 349926 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 78F037297F X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.92 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.92)[-0.917,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Jul 2019 00:35:45 -0000 Author: cy Date: Fri Jul 12 00:35:43 2019 New Revision: 349926 URL: https://svnweb.freebsd.org/changeset/base/349926 Log: MFC r348986: Register pfil hooks when VNET != vnet0. r302298, which virtualized ipf, assumed the pfil hook registration performed in ipf_modload() would take are of this. However ipf_modload() is only called when the ipl kld is loaded or when ipfilter is first called when it is statically linked into the kernel at build time. Prior to this, even though r302298 has been in the tree for a while, it has never been used. So, r302298 in reality begins now. PR: 212000 Reported by: ahsanb@ Modified: stable/12/sys/contrib/ipfilter/netinet/mlfk_ipl.c Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/contrib/ipfilter/netinet/mlfk_ipl.c ============================================================================== --- stable/12/sys/contrib/ipfilter/netinet/mlfk_ipl.c Thu Jul 11 23:54:50 2019 (r349925) +++ stable/12/sys/contrib/ipfilter/netinet/mlfk_ipl.c Fri Jul 12 00:35:43 2019 (r349926) @@ -225,6 +225,9 @@ vnet_ipf_init(void) "" #endif ); + } else { + (void)ipf_pfil_hook(); + ipf_event_reg(); } } VNET_SYSINIT(vnet_ipf_init, SI_SUB_PROTO_FIREWALL, SI_ORDER_THIRD,