Page MenuHomeFreeBSD

pf: Support killing 'matching' states
ClosedPublic

Authored by kp on May 3 2021, 2:51 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Dec 12, 8:12 AM
Unknown Object (File)
Nov 13 2024, 10:34 PM
Unknown Object (File)
Oct 25 2024, 7:16 PM
Unknown Object (File)
Oct 25 2024, 7:16 PM
Unknown Object (File)
Oct 25 2024, 7:15 PM
Unknown Object (File)
Oct 25 2024, 7:15 PM
Unknown Object (File)
Oct 21 2024, 12:30 AM
Unknown Object (File)
Oct 18 2024, 11:32 PM

Details

Summary

Optionally also kill states that match (i.e. are the NATed state or
opposite direction state entry for) the state we're killing.

See also https://redmine.pfsense.org/issues/8555

Submitted by: Steven Brown
Obtained from: https://github.com/pfsense/FreeBSD-src/pull/11/
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 38984
Build 35873: arc lint + arc unit

Event Timeline

kp requested review of this revision.May 3 2021, 2:51 PM

Minor man page nit.

sbin/pfctl/pfctl.8
340

Line break after the sentence stop needed here.

Manpage looks good now.
I guess upstream will incorporate it, too.

In D30092#675436, @bcr wrote:

I guess upstream will incorporate it, too.

We are upstream. The patch was originally submitted against pfsense, but we're the pfsense upstream, so they'll get it as part of their usual sync operations.

Right, I thought it was the other way around, but this makes more sense. :-)

This revision was not accepted when it landed; it landed in state Needs Review.May 7 2021, 8:15 PM
This revision was automatically updated to reflect the committed changes.