From nobody Mon Jun 13 18:06:41 2022 X-Original-To: freebsd-pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id DEF5E83DEE1 for ; Mon, 13 Jun 2022 18:06:43 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4LMKJg6134z3Lyf; Mon, 13 Jun 2022 18:06:43 +0000 (UTC) (envelope-from kp@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1655143603; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=j3Toh60N75+DWqg95Q+EGdOmjROBmnLo98GTJ2yUOgA=; b=cXtrPv22Mq1m/QBo1zqghS8sc4owWiH4gdcTb/S4S8dATHxtPWPXGOpgN7YnGLeZixARmM +spzFSTMq8jhjpepunBh6lM9pW3HMlvUCC4lJ6yGIyny4BAjFzA+l1J6F0m/uCaqe0Rm2A qEt+HkkSunLsHIQi1waDVKaoey+pvrfLBmfrAzrnbHCMhBgY5ESpFpkUHf7pAvQ+DXgj7R rsvM4B9xHLLYmdTOR7aU7ax6eF0evprWqhAVVLF3Vpch5ceTiObWAcIuQnX9KvfVvPYagK wriFX7q2exklyAoE3hAIHJqjYIMs9t1KI80Sy6ccbyjjk9HbbOsCuUB+WHPszg== Received: from venus.codepro.be (venus.codepro.be [5.9.86.228]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx1.codepro.be", Issuer "R3" (verified OK)) (Authenticated sender: kp) by smtp.freebsd.org (Postfix) with ESMTPSA id 951DD2E760; Mon, 13 Jun 2022 18:06:43 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: by venus.codepro.be (Postfix, authenticated sender kp) id 157591A899; Mon, 13 Jun 2022 20:06:42 +0200 (CEST) From: Kristof Provost To: Kajetan Staszkiewicz Cc: freebsd-pf@freebsd.org Subject: Re: route-to, interfaces and pfsync Date: Mon, 13 Jun 2022 20:06:41 +0200 X-Mailer: MailMate (1.14r5852) Message-ID: In-Reply-To: <11a48cd5-ac1e-b4bf-7d17-feacdcade9dc@tuxpowered.net> References: <95f8e87d-2145-362b-2e37-79282054caa0@tuxpowered.net> <11a48cd5-ac1e-b4bf-7d17-feacdcade9dc@tuxpowered.net> List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1655143603; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=j3Toh60N75+DWqg95Q+EGdOmjROBmnLo98GTJ2yUOgA=; b=BeR2jxeADHKL2pzVjsQiTJn1yX0EbkhEh01V9zRkMmmqOadUdbE83utbcz5c+Qae41q78o wxnui8hZGs3J72RP8HmVq9MBYoHCNHlul8iviwBdBAXgVrtKEgVIWii75ihb9bGcVPSuWB ubfJEK0NpQ35CiJu2jWmmfIDAowSnzFQwoxkKg/gZVYyb67PTWqy3z+E3oUOgjFbuIUQj/ cEgwlUDrE2wpxNsr7cwBGBKWjaA0rXcC9fE9J3KpVGKsOpaDQ2JIMC+vnPcPEusZlysC1L v/L9wMz6aY+ifQnavdL3IDVD/L3A2h7344+K9Z4uOT4YlgXw9EqOKfYnnykdFw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1655143603; a=rsa-sha256; cv=none; b=pJJGHTevhnn/5fuUtsV3UsbV4Usrol/w4DzfAKsBOU9KscuAx3bwR7MOKcr+DzWyMbxAIY 0OTY4Jrb/2ru7tbTaVdS28iX6YKQ7cc1bJ5YpomrdTX+nb8bhYuicPD3B/CsvC1n+3LfbH 6KbGekkXZgzdJ3kAQyiJfl4IGSlzRTd1BkYV9zM4+Y4wu4M+yeSQwscUjjqZnNptd5YlQ2 rosvZk2IhcG3Vd7vIH3HCozvZfEifSthYBxNmFdgU0dzTs0tno7+CdsR/9u3t4qXQOkWR7 ttvWrqeSMe5zWDSJYvGNOXtFVqcIqYqzILsDObcD6Z9gWRYRbST6BK9zQj0BwA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N On 13 Jun 2022, at 19:49, Kajetan Staszkiewicz wrote: > On 2022-06-13 14:33, Kristof Provost wrote: >>> This brings us to OpenBSD. They have decided to drop the interface >>> from route-to targets >>> (https://github.com/openbsd/src/commit/5812a4ad62ca07807ac0bc59f22eb8= 813e6069bc >>> ). >>> How about we do the same? If porting this change from OpenBSD has a >>> chance of getting aproved and merged, I'd be willing to work on it. >> >> >> That=E2=80=99s a breaking syntax change, at there=E2=80=99s at least o= ne major FreeBSD/pf user that relies heavily on route-to (i.e. pfSense). = So something that=E2=80=99d break that is not going to be easy. >> >> However, (without having looked at the patch in great detail) we might= be able to support both the old style |route-to (epair0a 1.2.3.4)| and a= new |route-to (1.2.3.4)| or even |route-to (@1.2.3.4)| or something if t= hat disambiguates better. If we can ensure the old style keeps working (w= ith any limitations it currently has), which also supporting the new styl= e that=E2=80=99d give everyone a chance to migrate. We could then remove = the old style in say 15.0. > > How about I make the parser accept the syntax with the interface and wi= thout it and then ignore the interface, and the pf C code will be all don= e without the interface? Would that have a chance of being accepted into = 14.0? > That=E2=80=99d be a pretty significant behaviour change, so I=E2=80=99m n= ot a fan. It=E2=80=99s bound to trip people up. Kristof