Date: Fri, 10 May 2019 11:31:21 -0400 From: Andrew Gallatin <gallatin@cs.duke.edu> To: Slawa Olhovchenkov <slw@zxy.spb.ru> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org, kp@freebsd.org Subject: Re: svn commit: r347410 - in head: . sys/amd64/conf sys/arm/conf sys/arm64/conf sys/i386/conf sys/powerpc/conf sys/riscv/conf sys/sparc64/conf Message-ID: <0842eef5-5f1f-c25a-a470-a424c536f1ed@cs.duke.edu> In-Reply-To: <20190510124458.GB65054@zxy.spb.ru> References: <201905092238.x49McFCO015665@repo.freebsd.org> <20190510124458.GB65054@zxy.spb.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format.
--------------FA406BCE8D96BE8CAE3E7A66
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
On 2019-05-10 08:44, Slawa Olhovchenkov wrote:
> pf have ifdef for IPSEC, but don't have support IPSEC_SUPPORT
> (netpfil/pf/if_pfsync.c).
>
Thanks for pointing this out. It seems like IPSEC_SUPPORT would work
for this. I've made a patch, and it compiles and the pf module loads.
However, I have no knowledge of how to test it. Is this something
that you use, and which you can test?
Thanks,
Drew
--------------FA406BCE8D96BE8CAE3E7A66
Content-Type: text/x-patch;
name="pf.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename="pf.diff"
diff --git a/sys/netpfil/pf/if_pfsync.c b/sys/netpfil/pf/if_pfsync.c
index 45b1e090f95c..cc06637b862e 100644
--- a/sys/netpfil/pf/if_pfsync.c
+++ b/sys/netpfil/pf/if_pfsync.c
@@ -308,7 +308,7 @@ static void pfsync_bulk_update(void *);
static void pfsync_bulk_fail(void *);
static void pfsync_detach_ifnet(struct ifnet *);
-#ifdef IPSEC
+#ifdef IPSEC_SUPPORT
static void pfsync_update_net_tdb(struct pfsync_tdb *);
#endif
static struct pfsync_bucket *pfsync_get_bucket(struct pfsync_softc *,
@@ -1228,7 +1228,7 @@ pfsync_in_tdb(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
{
int len = count * sizeof(struct pfsync_tdb);
-#if defined(IPSEC)
+#if defined(IPSEC_SUPPORT)
struct pfsync_tdb *tp;
struct mbuf *mp;
int offp;
@@ -1249,7 +1249,7 @@ pfsync_in_tdb(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
return (len);
}
-#if defined(IPSEC)
+#if defined(IPSEC_SUPPORT)
/* Update an in-kernel tdb. Silently fail if no tdb is found. */
static void
pfsync_update_net_tdb(struct pfsync_tdb *pt)
--------------FA406BCE8D96BE8CAE3E7A66--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0842eef5-5f1f-c25a-a470-a424c536f1ed>