Date: Thu, 27 Nov 2025 13:01:37 +0000 From: Kristof Provost <kp@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: a82347584ba7 - main - pf tests: fix killstate:v6 Message-ID: <69284bb1.24faa.703abbbe@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=a82347584ba708c4d20b25b2ed13794905ff639f commit a82347584ba708c4d20b25b2ed13794905ff639f Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2025-11-26 16:08:15 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2025-11-27 10:43:53 +0000 pf tests: fix killstate:v6 Allow neighbor discovery/advertisement packets, but don't create state for them. This ensures that the destination jail can respond to our echo requests, and that we don't create extra states that would confuse the test. Sponsored by: Rubicon Communications, LLC ("Netgate") --- tests/sys/netpfil/pf/killstate.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/sys/netpfil/pf/killstate.sh b/tests/sys/netpfil/pf/killstate.sh index ffb01df57908..4c34c8036f06 100644 --- a/tests/sys/netpfil/pf/killstate.sh +++ b/tests/sys/netpfil/pf/killstate.sh @@ -187,6 +187,7 @@ v6_body() jexec alcatraz pfctl -e pft_set_rules alcatraz "block all" \ + "pass quick inet6 proto ipv6-icmp all icmp6-type { neighbrsol, neighbradv } no state" \ "pass in proto icmp6" \ "set skip on lo"help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69284bb1.24faa.703abbbe>