Page MenuHomeFreeBSD
Differential D56745

pf: do not reject rules with colliding hashes
ClosedPublic
Actions

Authored by kp on Thu, Apr 30, 11:44 AM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, May 18, 1:19 AM
Unknown Object (File)
Mon, May 18, 1:12 AM
Unknown Object (File)
Sat, May 16, 11:48 PM
Unknown Object (File)
Sat, May 16, 10:58 PM
Unknown Object (File)
Fri, May 15, 10:34 PM
Unknown Object (File)
Fri, May 15, 8:59 PM
Unknown Object (File)
Fri, May 15, 1:21 PM
Unknown Object (File)
Thu, May 14, 1:47 AM
View All 21 Files
Subscribers
farrokhi
glebius
imp
melifaro
vegeta_tuxpowered.net

Details

Reviewers
mjg
Group Reviewers
pfsense
network
Commits
rG0cd655f71b46: pf: do not reject rules with colliding hashes
rGfab9bfc92751: pf: do not reject rules with colliding hashes
rGa0e4c65f1814: pf: do not reject rules with colliding hashes
Summary

We insert rules in pf_krule_global solely for the benefit of the
'keepcounters' feature. Failing to insert (beause the rule hash
collides, or an identical rule already exists) would be worse than
restoring counts to the wrong rule (or failing to restore them at all).

PR: 282863, 294860, 294859, 294858
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC ("Netgate")

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sys/
netpfil/
pf/
24 lines
tests/
sys/
netpfil/
pf/
36 lines

Diff 177273

View Options

sys/netpfil/pf/pf_ioctl.c

Loading...
View Options

tests/sys/netpfil/pf/match.sh

Loading...