From nobody Mon Nov 20 13:05:13 2023 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SYnmT6bSgz51GTD; Mon, 20 Nov 2023 13:05:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SYnmT5pFDz3cwJ; Mon, 20 Nov 2023 13:05:13 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1700485513; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=dZXT/lAIoVWxRSPgWnNEdgWo/wTXZ9/Eu2fwu+nYUiM=; b=oNBp79sWcOXB44smAobcFJjEZarmfs6bpN3rl8ZAUAa3e/rRC7EdupXQSO5ZuqIlOtJYbj UV1+mgNkEHg3i6thmxi4J488QEwNRSoIBHAjqq3NqYjsfwxkHdfe69nD5qxVcCQrEGlPzA LezC2RDCZTFuqQ80EftwDZv6opVlPDyda0w72RqMU0wzr7qfgJVPbXYGAI+Ot89lIAxuqd 2qwX02BQUBia/jdsLRNXyqEihvPbA5dJ9LRfnKPKB5UosLRIxkhdLwl+NJFWsPjL56/Ham qQmnCcdxNo7Xljw/5ouwebgRwOEx0lV9Z0MSUqfWkiRFU882WwuJ+GUw0PswlA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1700485513; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=dZXT/lAIoVWxRSPgWnNEdgWo/wTXZ9/Eu2fwu+nYUiM=; b=bxT1k4epHfMw7QAdafsZo/vBW+FG5MNZgm/cgvzXPmlxYK1CS3fEbnTDEiU6bvtjRDW7b+ TnMp0Jmur9nvqRmUvVcWTF0qYTvNO1p3tZ8ujuE2b2eDZp4IihA3WCa1Fjq8M2O1IdhlG4 X4FE2YdTn/3rN77ZfYqdQVUoHt8yYXxXu2i1mPEmUd+9zsQdYxbrkK8jUWk9L6kXwA+Bhd 5dXaQiDrCR1e8VnFzmfXiFo0bIgFsy8Ym2P3DumuwwH2N10sgsxf2CqXgEea+NDmjRaOf5 UX4ZjaZ7VALHD/BALY1fXgUyBr6KE6ZMK3fjjV7r7J5hbvj69sB+bA8VWYKxGA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1700485513; a=rsa-sha256; cv=none; b=BLrRPeeN5DVWa2aMQylYgD/2OhUfTIfdN06JsiZudYJfxzE2r+GZjA64QHhAKxw/BAFfMs WXc64vNRZk2oIVB+qDEm2usJyftM3ZfleF4r4mnCl4a4wk+Iuwf5BNRbI/w74ebHnHGNK9 UZTrawt1tDkCe352Otr7smuTpEc7jk2bvv2FR/ljI0PAe0zB8pRtPqcXGGYYvJBy54UE2B hjNgcLSOyU8OjdX4jDtRef/Lfg3KqfsRUIXmfFeuFCEfZPlIvwQWtxcTuIOpxjgHvJOqtk dKlgNs5LSm7RJZzbopF9EnSr8uuqDDTH/fIcz4KXtgwWfe7kHDTxVWCD+YpBpg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SYnmT4tDQzsy8; Mon, 20 Nov 2023 13:05:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3AKD5DJj089887; Mon, 20 Nov 2023 13:05:13 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3AKD5Ddl089884; Mon, 20 Nov 2023 13:05:13 GMT (envelope-from git) Date: Mon, 20 Nov 2023 13:05:13 GMT Message-Id: <202311201305.3AKD5Ddl089884@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kristof Provost Subject: git: 7e1affa242ca - main - pf.conf.5: revise divert-to and divert-reply List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 7e1affa242ca83710eb64e2c6184263fbea3deb7 Auto-Submitted: auto-generated The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=7e1affa242ca83710eb64e2c6184263fbea3deb7 commit 7e1affa242ca83710eb64e2c6184263fbea3deb7 Author: Igor Ostapenko AuthorDate: 2023-11-17 20:01:17 +0000 Commit: Kristof Provost CommitDate: 2023-11-20 11:30:18 +0000 pf.conf.5: revise divert-to and divert-reply --- share/man/man5/pf.conf.5 | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/share/man/man5/pf.conf.5 b/share/man/man5/pf.conf.5 index b241e5173ef0..3193c18760c8 100644 --- a/share/man/man5/pf.conf.5 +++ b/share/man/man5/pf.conf.5 @@ -27,7 +27,7 @@ .\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd October 27, 2023 +.Dd November 17, 2023 .Dt PF.CONF 5 .Os .Sh NAME @@ -2151,19 +2151,22 @@ Only effective before the route lookup happened, i.e. when filtering inbound. .It Xo Ar divert-to Aq Ar host .Ar port Aq Ar port .Xc -Used to redirect packets to a local socket bound to -.Ar host -and +Used to +.Xr divert 4 +packets to the given divert .Ar port . -The packets will not be modified, so -.Xr getsockname 2 -on the socket will return the original destination address of the packet. +Historically +.Ox pf has another meaning for this, and +.Fx pf uses +this syntax to support +.Xr divert 4 instead. Hence, +.Ar host +has no meaning and can be set to anything like 127.0.0.1. +If a packet is re-injected and does not change direction then it will not be +re-diverted. .It Ar divert-reply -Used to receive replies for sockets that are bound to addresses -which are not local to the machine. -See -.Xr setsockopt 2 -for information on how to bind these sockets. +It has no meaning in +.Fx pf . .It Ar probability Aq Ar number A probability attribute can be attached to a rule, with a value set between 0 and 1, bounds not included.