♟ ae

ipfw_nptv6: fix handling the ifaddr removal event

In D56130#1283954, @pouria wrote:

For reviewers:
The whole revision stack will reduce PI code complexity and fix multiple issues along the way.
I also wrote additional tests in D56128 to make sure everything works as intended.

ipfw: add support for masked ip-address lookups

Also, there are some references in carp(4) man page and ifconfig code.

ipfw: add support for masked ip-address lookups

In D55558#1271208, @bms wrote:

Just my 2c: I think we should be discouraging users from implementing CARP at all.

In D55398#1267078, @pouria wrote:

I don't understand why we need a separate data structure (priv).

ipfw: add ability to run ipfw(8) binary with 15.0+ kernel module

In D54443#1260647, @pouria wrote:

I see no problems with this patch alongside my changes.
We have a minor conflict, which I resolved at github.
Also, AFAICU, I don't need to use priv instead of softc for netlink because I didn't touch the data plane.
Your code will synchronize priv and softc together so there should be no problem to directly using the softc.

Should I do anything else?

Can you take a look at this patch? Maybe you can reuse some pieces, it should fix 275474 and also make access to softc in a safer way.

Do we still need this? I think scope modification ability was not used/implemented since KAME import.

I think you should note that this fixes some rare panics, that are reported in derived projects: panic: esp_input_cb: Unexpected address family

ipfw: fix lookup dst-ip opcode

arp: fix adding proxy entries for P2P interfaces

ipfw: do not use errno value for error reporting

carp6: revise the generation of ND6 NA

arp: fix adding proxy entries for P2P interfaces

ipv6: don't complain when deleting an address with prefix length of 128

ipfw: do not use errno value for error reporting

Yes, I think they were replaced with handlers from ipfw_sopt_handler.

ipv6: don't complain when deleting an address with prefix length of 128

carp6: revise the generation of ND6 NA

IPv6: fix off-by-one in pltime and vltime expiration checks

ipfw: add protected rule for orphaned dynamic states

ipfw: add additional handling for orphaned states

ipfw: forbid adding keep-state rules that depend on tablearg

ipfw: add numeric initializers to enum ipfw_opcodes

carp: fix mbuf_tag usage in carp_macmatch6

ipfw: add 'internal monitor' subcommand to capture rtsock messages.

ipfw: document logdst opcode

ipfw: add IPv6 logging via rtsock support for fwd tablearg opcode

ipfw: add IPv6 logging support for fwd tablearg opcode

tests: fix test for NULL encription

ae (Andrey V. Elsukov)User

Projects

User Details

Recent ActivityView All

Fri, Apr 24

Thu, Apr 9

Thu, Apr 2

Tue, Mar 31

Mar 29 2026

Mar 24 2026

Mar 11 2026

Mar 1 2026

Feb 27 2026

Feb 20 2026

Feb 10 2026

Feb 6 2026

Feb 5 2026

Jan 16 2026

Jan 12 2026

Jan 11 2026

Dec 22 2025

Dec 11 2025

Dec 10 2025

Dec 3 2025

Nov 24 2025

Nov 18 2025

Nov 12 2025

Oct 27 2025

Oct 26 2025

Oct 25 2025

Oct 22 2025

Oct 18 2025

Oct 17 2025

Oct 15 2025

Oct 14 2025

Oct 13 2025

Oct 8 2025

Oct 7 2025

Oct 3 2025

Oct 1 2025

Sep 23 2025

Sep 16 2025

Sep 8 2025

Sep 2 2025

Aug 3 2025

Jul 23 2025

Jul 22 2025

Jul 14 2025

Jun 5 2025

Jun 3 2025

Jun 2 2025

May 24 2025

May 21 2025

May 14 2025

Apr 18 2025

Apr 2 2025

ae (Andrey V. Elsukov)
User

Recent Activity
View All