Date: Thu, 24 Jan 2019 13:59:18 +0000 From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 229092] [pf] [pfsync] States created by route-to rules pfsynced without interface Message-ID: <bug-229092-16861-Pi9rR3g1lW@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-229092-16861@https.bugs.freebsd.org/bugzilla/> References: <bug-229092-16861@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229092 --- Comment #18 from Kajetan Staszkiewicz <vegeta@tuxpowered.net> --- My 2nd patch stores missing state->rt information in currently unused part of struct pfsync_state. That should make it compatible. A router running non-patched kernel will simply not transmit any data there when sending states and ignore all data when receiving them from a patched router. So that part should be safe. What looks potentially unsafe is guessing of target interface. Although it is already badly broken, as packets are leaving router via route matching destination on unpatched kerel. Is guessing of target interface done correctly? Can I use fib lookup functions just like this? No locking needed? -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-229092-16861-Pi9rR3g1lW>