From nobody Wed Feb 12 09:38:43 2025 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YtCtW4cblz5mTHJ; Wed, 12 Feb 2025 09:38:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YtCtW45d7z3TyY; Wed, 12 Feb 2025 09:38:43 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1739353123; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=leOTUnSRXh1KS8+nswch5BUD7fUDftxgtz5T8uOOIaI=; b=o/2AUn8C2kaDPjYtDv5psZSJxqAfRsI5o7SfMP1UCeIw07ej2Y7jRg5c5M0LN1ZrJri3N+ nwiQvIlYXc2gc5o3EL+0/BWfmux8xrqLJTmQIb5tK51ZzF5DGHg4r0W7rNMVGuogMO/jrR kjExId0WlN3ahFGGMtvUcmihPzFAngN/8vT05yx70f7l/mt+h8/EPRkxNNrRQUIghWXXH4 eMmvCMCOtkn5UPCUo4weFnt2pvt8CDi/1bI3iaJrdWXLJg3soGEW0+aPMj7u3PsvoHpJ40 VfJv5JW4O/pVAzK9xT94e8y7zh4RXCUJO2auyfLNinfo6ckXnilPM8O0jINY3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1739353123; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=leOTUnSRXh1KS8+nswch5BUD7fUDftxgtz5T8uOOIaI=; b=Rt0wjpVGc8Cp1murb0hq8fuSTw+0Fr0nuoH8KY7Bc0fFg507uyXe98OljFPks2n9kl9fk2 kD3v1W6X/8N+jlqBix3A9v6cJb3fa/vnx0sLI12PT56BnstC+B+/H04r3YVzTvkSJeTyAW +K4nVXfJvcCioNB3s4nprHz0e0aDjOaVHIQmcjtFI8RGnAaNZLZEOMTrPBDiYogqnRtUAO tHnR8OOP3/o7sx03hlxbdvRPGJK2y3MTWfX8HX5jKb8aZ9MISvZ9fBxbkiLeYsRtrQS475 CSlttJGLetyFmkRkaqgdoUvDkwPOXHAj45oNZc9rZgrC9TwWEk4qYn+0LkHThw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1739353123; a=rsa-sha256; cv=none; b=AMAlE6AjuiXHjhUIFupVx+1t1Q8KaH0SmWh/AVE+1/gjFXRMZnbnNNq4HU5DIROzigV3og LtPy1wJ4K5P5Fjs5KiXxh0d/dMJ/VtqP91StvZZC7T2FiYKrZszLAVOD0xI4KGYlimAdsl doKABYTnmCgoQvoYBFEK5wr2M5HAltVzbzaUjdZRkJzem8tJpL9aT07AP5DhtWqxOTATOB jFGQbBb6iV3oBV7RI19/PFEFF7Ee7uwNH6HBsUcRif4nrigSOJxfB77/WkwUffypZZbaxU brP7FDMztTuM6t0ha1n5GLMRmzEJKHpVr/TAP7Br0s3uophOjNWeor+/2IXwBA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4YtCtW39Qtzt2j; Wed, 12 Feb 2025 09:38:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 51C9chKo037361; Wed, 12 Feb 2025 09:38:43 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 51C9chMs037358; Wed, 12 Feb 2025 09:38:43 GMT (envelope-from git) Date: Wed, 12 Feb 2025 09:38:43 GMT Message-Id: <202502120938.51C9chMs037358@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kristof Provost Subject: git: 9a538abd957c - main - pf: add 'translation' counter List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 9a538abd957cd43bd09e3d72bc5fe6d0189ffaf8 Auto-Submitted: auto-generated The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=9a538abd957cd43bd09e3d72bc5fe6d0189ffaf8 commit 9a538abd957cd43bd09e3d72bc5fe6d0189ffaf8 Author: Kristof Provost AuthorDate: 2025-02-05 10:58:57 +0000 Commit: Kristof Provost CommitDate: 2025-02-12 08:29:09 +0000 pf: add 'translation' counter Add a separate "translation" counter and use this rather than "memory" when address translation fails due to no free ports in the configured range. ok mikeb@ Obtained from: OpenBSD, sthen , 70ff79155f Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/pf.c | 4 ++-- sys/netpfil/pf/pf.h | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 4d8a0f2aba31..9963dc728302 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -5823,7 +5823,7 @@ pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, pd->naf = r->naf; if (pd->af != pd->naf) { if (pf_get_transaddr_af(r, pd) == -1) { - REASON_SET(&reason, PFRES_MEMORY); + REASON_SET(&reason, PFRES_TRANSLATE); goto cleanup; } } @@ -5863,7 +5863,7 @@ nextrule: pd->naf = r->naf; if (pd->af != pd->naf) { if (pf_get_transaddr_af(r, pd) == -1) { - REASON_SET(&reason, PFRES_MEMORY); + REASON_SET(&reason, PFRES_TRANSLATE); goto cleanup; } } diff --git a/sys/netpfil/pf/pf.h b/sys/netpfil/pf/pf.h index 24249ead6ba2..01c1abc54602 100644 --- a/sys/netpfil/pf/pf.h +++ b/sys/netpfil/pf/pf.h @@ -156,7 +156,8 @@ enum { PF_ADDR_ADDRMASK, PF_ADDR_NOROUTE, PF_ADDR_DYNIFTL, #define PFRES_SRCLIMIT 13 /* Source node/conn limit */ #define PFRES_SYNPROXY 14 /* SYN proxy */ #define PFRES_MAPFAILED 15 /* pf_map_addr() failed */ -#define PFRES_MAX 16 /* total+1 */ +#define PFRES_TRANSLATE 16 /* No translation address available */ +#define PFRES_MAX 17 /* total+1 */ #define PFRES_NAMES { \ "match", \ @@ -175,6 +176,7 @@ enum { PF_ADDR_ADDRMASK, PF_ADDR_NOROUTE, PF_ADDR_DYNIFTL, "src-limit", \ "synproxy", \ "map-failed", \ + "translate", \ NULL \ }