Page MenuHomeFreeBSD
Differential D47777

pf: NAT rule logs its own NAT action, not PF_PASS
Needs ReviewPublic
Actions

Authored by franco_opnsense.org on Wed, Nov 27, 9:28 AM.

Details

Reviewers
kp
Summary

Prior to 948e8413 the NAT log was implicitly
using r->action, but it was changed to an explicit
PF_PASS. Restore the correct behaviour by
explicitly passing nr->action.

Add a test for it while here.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 60807
Build 57691: arc lint + arc unit

Event Timeline

franco_opnsense.org created this revision.Wed, Nov 27, 9:28 AM
Herald added subscribers: vegeta_tuxpowered.net, glebius, melifaro and 2 others. · View Herald TranscriptWed, Nov 27, 9:28 AM
franco_opnsense.org requested review of this revision.Wed, Nov 27, 9:28 AM
Harbormaster completed remote builds in B60807: Diff 147026.Wed, Nov 27, 9:28 AM
franco_opnsense.org added a reviewer: kp.Wed, Nov 27, 9:29 AM
kp added a comment.Wed, Nov 27, 9:43 AM

Shall we finish D47658 before we move on to other issues?

franco_opnsense.org added a comment.Wed, Nov 27, 10:17 AM

D47658 is on hold as I struggle to understand why the code discussed there is not covered by existing tests and how to actually trigger it (it should easily panic after all but the code is never hit).

kp added a comment.Wed, Nov 27, 10:21 AM
In D47777#1089450, @franco_opnsense.org wrote:

D47658 is on hold as I struggle to understand why the code discussed there is not covered by existing tests and how to actually trigger it (it should easily panic after all but the code is never hit).

Then please update that review to state that there.

As for this one, let's start with the commit message. Try to explain both the problem and then justify chosen solution. 'fix regression' does not enlighten.

franco_opnsense.org retitled this revision from pf: fix NAT pflog regression in 948e8413 to pf: NAT rule logs it own NAT action, not PF_PASS.Wed, Nov 27, 10:27 AM
franco_opnsense.org edited the summary of this revision. (Show Details)

I changed the summary.

I'll gladly update the other review and I also appreciate a response to my last comment there.

kp added a comment.Wed, Nov 27, 10:32 AM
In D47777#1089452, @franco_opnsense.org wrote:

I changed the summary.

Please do try to *explain* the problem. "Fixes a regression" does not do this.

franco_opnsense.org edited the summary of this revision. (Show Details)Wed, Nov 27, 10:44 AM

Feel free to make a different suggestion. I've long been under the impressions explaining one liners is not the scope of a commit message and the tests should make this rather clear as requested in previous discussions.

franco_opnsense.org retitled this revision from pf: NAT rule logs it own NAT action, not PF_PASS to pf: NAT rule logs its own NAT action, not PF_PASS.Wed, Nov 27, 10:54 AM

Revision Contents
Changeset List

PathSize
sys/
netpfil/
pf/
2 lines
tests/
sys/
netpfil/
pf/
60 lines

Diff 147026

View Options

sys/netpfil/pf/pf.c

Loading...
View Options

tests/sys/netpfil/pf/pflog.sh

Loading...