From nobody Thu Dec 21 18:22:25 2023 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SwzL96BpVz555Qn; Thu, 21 Dec 2023 18:22:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SwzL95mL2z3Yxl; Thu, 21 Dec 2023 18:22:25 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1703182945; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=e5NIM+IfOwO9I+EzC5s3WSmj8akclyH9KfbMKqravSQ=; b=IDKbLdFriLRcTsQPyBV59K2cRzY861B7RpcQ/CHtd8NBt11CV1l0NJWqE+V0+X5aO7ntqd +LrcJUAkn4m4JheOskaE1SWesljBrhAJz+ImlT2CFuFQuNmS/cbZTte7ui+QG32yT6uM9b mR1nBwME0B7s6iT53aw1dQgbcH1l83BI8f6tkiA/PmkRT5cotXHb1vtvZ3ypzRMXhtZM0T IJ4WAAhbuSw5eowtV6T7npRk2vRQ/ShTdwOI+9vA0OAwYIWWxGuaIDFRBgr6xX8Sa49VGs 45n1PP8KNqnbgWwhsih7a6YZU5O+oX3GWYyvCBwrONEAiGYAEE5oPzbJtT4SbA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703182945; a=rsa-sha256; cv=none; b=g+CYnveXqrA63aoYJsaZxpuGOaj/Y8djfNOzCDXgByECUS6SjHjPXoOlMdRkV1j3nt068d Mtm6cU5qydT74tRKPD5Iep+PpN8+e8PC6REWt2YYCiYX6O3+q2tr0OVLm0Yj1i6jSeAVpi sg2GXLIa67Shexn299QMYVzx6Yxs6xGhQQG4vgt0OyPk3CJIGWV/3xN8QpLo4gkDOWZRc2 zNEfG+mZvcCC2jkNZ/a9FhAmz1mka3HkhdiWlDcF60L+iep1Ipuum5BJnDt87yvY3VT/VC TeIU5relvor8j8UABEI+/W85miD0qlHu7VuPT9bVdDfVB5ICNLRC97QQGiWRrA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1703182945; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=e5NIM+IfOwO9I+EzC5s3WSmj8akclyH9KfbMKqravSQ=; b=R77q90vha5Q1OEJvxzZas/UiAh4DkwjoJVyWj56eT+1paklqqqg8fKyVIiPXBnIyuST369 1pGrkYOUceTamgIKdLr/Uz1FAcO64/LBXMzerq0d3Rvi30vkyWUPHsmWVcN+R7V7hZ8tnO rmiRZRpn/fVtuVGKuOd8NN7pYvlZ2Pznz3vAxwaTFfYHo063BmiqfzNCdxS+sfXRdKqmWR fMSYqBiN2lnipGjEBJlHxYHt8E1KSUaLvgQMOwE5o33QVE8WgzLxJXAifivT5hd4XZvLaM eEpEE11Xd+I6e0/vw3w9phPmE0ucKv3zgLlt9DdnExRhBfzS/RSEY3qY0KCgfw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SwzL94qJXzjQW; Thu, 21 Dec 2023 18:22:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLIMPsp049790; Thu, 21 Dec 2023 18:22:25 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLIMPMX049787; Thu, 21 Dec 2023 18:22:25 GMT (envelope-from git) Date: Thu, 21 Dec 2023 18:22:25 GMT Message-Id: <202312211822.3BLIMPMX049787@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kristof Provost Subject: git: 881bf8814a25 - main - pf: export missing state information List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 881bf8814a250477850b83ee6ebbb052303051c8 Auto-Submitted: auto-generated The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=881bf8814a250477850b83ee6ebbb052303051c8 commit 881bf8814a250477850b83ee6ebbb052303051c8 Author: Kristof Provost AuthorDate: 2023-12-21 17:20:37 +0000 Commit: Kristof Provost CommitDate: 2023-12-21 18:21:17 +0000 pf: export missing state information We did not export all of the information pfctl expected to print via the new netlink code. This manifested as pfctl printing 'rtableid: 0', even when there is no rtable set. While we're addressing that also export other missing fields such as dummynet, min_ttl, max_mss, .. Sponsored by: Rubicon Communications, LLC ("Netgate") --- lib/libpfctl/libpfctl.c | 7 +++++++ sys/netpfil/pf/pf_nl.c | 8 ++++++++ sys/netpfil/pf/pf_nl.h | 7 +++++++ 3 files changed, 22 insertions(+) diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c index 10a63f15e2f8..f915072c4ea1 100644 --- a/lib/libpfctl/libpfctl.c +++ b/lib/libpfctl/libpfctl.c @@ -1386,6 +1386,13 @@ static struct snl_attr_parser ap_state[] = { { .type = PF_ST_LOG, .off = _OUT(log), .cb = snl_attr_get_uint8 }, { .type = PF_ST_STATE_FLAGS, .off = _OUT(state_flags), .cb = snl_attr_get_uint16 }, { .type = PF_ST_SYNC_FLAGS, .off = _OUT(sync_flags), .cb = snl_attr_get_uint8 }, + { .type = PF_ST_RTABLEID, .off = _OUT(rtableid), .cb = snl_attr_get_int32 }, + { .type = PF_ST_MIN_TTL, .off = _OUT(min_ttl), .cb = snl_attr_get_uint8 }, + { .type = PF_ST_MAX_MSS, .off = _OUT(max_mss), .cb = snl_attr_get_uint16 }, + { .type = PF_ST_DNPIPE, .off = _OUT(dnpipe), .cb = snl_attr_get_uint16 }, + { .type = PF_ST_DNRPIPE, .off = _OUT(dnrpipe), .cb = snl_attr_get_uint16 }, + { .type = PF_ST_RT, .off = _OUT(rt), .cb = snl_attr_get_uint8 }, + { .type = PF_ST_RT_IFNAME, .off = _OUT(rt_ifname), .cb = snl_attr_store_ifname }, }; static struct snl_field_parser fp_state[] = { }; diff --git a/sys/netpfil/pf/pf_nl.c b/sys/netpfil/pf/pf_nl.c index 67a7392ae448..8fe12f3762b9 100644 --- a/sys/netpfil/pf/pf_nl.c +++ b/sys/netpfil/pf/pf_nl.c @@ -194,6 +194,14 @@ dump_state(struct nlpcb *nlp, const struct nlmsghdr *hdr, struct pf_kstate *s, nlattr_add_u64(nw, PF_ST_PACKETS1, s->packets[1]); nlattr_add_u64(nw, PF_ST_BYTES0, s->bytes[0]); nlattr_add_u64(nw, PF_ST_BYTES1, s->bytes[1]); + nlattr_add_u32(nw, PF_ST_RTABLEID, s->act.rtableid); + nlattr_add_u8(nw, PF_ST_MIN_TTL, s->act.min_ttl); + nlattr_add_u16(nw, PF_ST_MAX_MSS, s->act.max_mss); + nlattr_add_u16(nw, PF_ST_DNPIPE, s->act.dnpipe); + nlattr_add_u16(nw, PF_ST_DNRPIPE, s->act.dnrpipe); + nlattr_add_u8(nw, PF_ST_RT, s->rt); + if (s->rt_kif != NULL) + nlattr_add_string(nw, PF_ST_RT_IFNAME, s->rt_kif->pfik_name); if (!dump_state_peer(nw, PF_ST_PEER_SRC, &s->src)) goto enomem; diff --git a/sys/netpfil/pf/pf_nl.h b/sys/netpfil/pf/pf_nl.h index 3ae77ffd3790..d8b494a54cf7 100644 --- a/sys/netpfil/pf/pf_nl.h +++ b/sys/netpfil/pf/pf_nl.h @@ -100,6 +100,13 @@ enum pfstate_type_t { PF_ST_VERSION = 28, /* u64 */ PF_ST_FILTER_ADDR = 29, /* in6_addr */ PF_ST_FILTER_MASK = 30, /* in6_addr */ + PF_ST_RTABLEID = 31, /* i32 */ + PF_ST_MIN_TTL = 32, /* u8 */ + PF_ST_MAX_MSS = 33, /* u16 */ + PF_ST_DNPIPE = 34, /* u16 */ + PF_ST_DNRPIPE = 35, /* u16 */ + PF_ST_RT = 36, /* u8 */ + PF_ST_RT_IFNAME = 37, /* string */ }; enum pf_addr_type_t {