Date: Thu, 24 Jan 2019 13:59:18 +0000 From: bugzilla-noreply@freebsd.org To: pf@FreeBSD.org Subject: [Bug 229092] [pf] [pfsync] States created by route-to rules pfsynced without interface Message-ID: <bug-229092-16861-Pi9rR3g1lW@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-229092-16861@https.bugs.freebsd.org/bugzilla/> References: <bug-229092-16861@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D229092 --- Comment #18 from Kajetan Staszkiewicz <vegeta@tuxpowered.net> --- My 2nd patch stores missing state->rt information in currently unused part = of struct pfsync_state. That should make it compatible. A router running non-patched kernel will simply not transmit any data there when sending sta= tes and ignore all data when receiving them from a patched router. So that part should be safe. What looks potentially unsafe is guessing of target interface. Although it = is already badly broken, as packets are leaving router via route matching destination on unpatched kerel. Is guessing of target interface done correctly? Can I use fib lookup functi= ons just like this? No locking needed? --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-229092-16861-Pi9rR3g1lW>