D43589.id133344.diff
No OneTemporary
Actions

Size

1 KB

Referenced Files

None

Subscribers

None

D43589.id133344.diff
View Options

	diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
	--- a/sys/netpfil/pf/pf.c
	+++ b/sys/netpfil/pf/pf.c
	@@ -412,8 +412,20 @@
	return (PF_PASS); \
	} while (0)

	-#define BOUND_IFACE(r, k) \
	- ((r)->rule_flag & PFRULE_IFBOUND) ? (k) : V_pfi_all
	+static struct pfi_kkif *
	+BOUND_IFACE(struct pf_krule r, struct pfi_kkif k)
	+{
	+ if (! (r->rule_flag & PFRULE_IFBOUND))
	+ return (V_pfi_all);
	+
	+ if (r->rt != PF_ROUTETO)
	+ return (k);
	+
	+ if (r->rpool.cur == NULL)
	+ return (k);
	+
	+ return (r->rpool.cur->kif);
	+}

	#define STATE_INC_COUNTERS(s) \
	do { \
	diff --git a/tests/sys/netpfil/pf/route_to.sh b/tests/sys/netpfil/pf/route_to.sh
	--- a/tests/sys/netpfil/pf/route_to.sh
	+++ b/tests/sys/netpfil/pf/route_to.sh
	@@ -365,6 +365,48 @@
	pft_cleanup
	}

	+atf_test_case "ifbound" "cleanup"
	+ifbound_head()
	+{
	+ atf_set descr 'Test that route-to states bind the expected interface'
	+ atf_set require.user root
	+}
	+
	+ifbound_body()
	+{
	+ pft_init
	+
	+ j="route_to:ifbound"
	+
	+ epair_one=$(vnet_mkepair)
	+ epair_two=$(vnet_mkepair)
	+ ifconfig ${epair_one}b up
	+
	+ vnet_mkjail ${j}2 ${epair_two}b
	+ jexec ${j}2 ifconfig ${epair_two}b inet 198.51.100.2/24 up
	+ jexec ${j}2 ifconfig ${epair_two}b inet alias 203.0.113.1/24
	+ jexec ${j}2 route add default 198.51.100.1
	+
	+ vnet_mkjail $j ${epair_one}a ${epair_two}a
	+ jexec $j ifconfig ${epair_one}a 192.0.2.1/24 up
	+ jexec $j ifconfig ${epair_two}a 198.51.100.1/24 up
	+ jexec $j route add default 192.0.2.2
	+
	+ jexec $j pfctl -e
	+ pft_set_rules $j \
	+ "set state-policy if-bound" \
	+ "block" \
	+ "pass out route-to (${epair_two}a 198.51.100.2)"
	+
	+ atf_check -s exit:0 -o ignore \
	+ jexec $j ping -c 1 203.0.113.1
	+}
	+
	+ifbound_cleanup()
	+{
	+ pft_cleanup
	+}
	+
	atf_init_test_cases()
	{
	atf_add_test_case "v4"
	@@ -373,4 +415,5 @@
	atf_add_test_case "multiwanlocal"
	atf_add_test_case "icmp_nat"
	atf_add_test_case "dummynet"
	+ atf_add_test_case "ifbound"
	}

File Metadata

Mime Type: text/plain
Expires: Sun, Oct 26, 8:29 PM (4 h, 43 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 24249198
Default Alt Text: D43589.id133344.diff (1 KB)

D43589.id133344.diffNo OneTemporaryActions

D43589.id133344.diffView Options

File Metadata

Event Timeline

D43589.id133344.diff
No OneTemporary
Actions

D43589.id133344.diff
View Options