User Details
User Details
- User Since
- Sep 28 2014, 7:22 PM (533 w, 5 d)
Yesterday
Yesterday
net/libpfctl: update main version
Wed, Dec 18
Wed, Dec 18
if_ovpn: improve reconnect handling
Tue, Dec 17
Tue, Dec 17
pf: fix double free in pf_state_key_attach()
pf: SCTP abort messages fully close the connection
pf tests: test dummynet on nat64 rules
pf: teach nat64 to handle 0 UDP checksums
kp committed rG706b42cc4bd9: pf: give the correct address family to dummynet after nat64 (authored by kp).
pf: give the correct address family to dummynet after nat64
pf: fix dummynet + route-to for IPv6
kp committed rG7f3d159b9ff2: pf tests: test using an address range inside a table for nat64 (authored by kp).
pf tests: test using an address range inside a table for nat64
pf tests: test address range as nat64 from address
pfctl: do not allow af-to tables without round-robin
kp committed rG125e395278cf: pf tests: test not having an IPv4 address to nat64 to (authored by kp).
pf tests: test not having an IPv4 address to nat64 to
pf tests: validate ToS translation with nat64
pf: preserve TOS with nat64
pf tests: check packet reassembly with nat64
pf: handle fragmentation for nat64
pf: update pd->tot_len after reassembly
kp committed rGb717c67686c0: pf tests: verify that we preserve the hop limit/TTL for ICMP errors (authored by kp).
pf tests: verify that we preserve the hop limit/TTL for ICMP errors
pf: fix if-bound with nat64
pfctl: print_rule: rename opts -> ropts
kp committed rGf1ddd7f1dae6: pf: add forgotten fixup for icmp6 id's when translating (authored by kp).
pf: add forgotten fixup for icmp6 id's when translating
kp committed rG373d6dbf34a8: pf tests: verify that ICMP destination unreachable makes it through NAT64 (authored by kp).
pf tests: verify that ICMP destination unreachable makes it through NAT64
kp committed rGbc66cb3bfa9b: pf tests: verify that ICMP port unreachable makes it through NAT64 (authored by kp).
pf tests: verify that ICMP port unreachable makes it through NAT64
pf tests: verify that TCP RST makes it through NAT64
pfctl: basic nat64 parser test
pf tests: add an SCTP test case for nat64
pf tests: add a UDP test case for nat64
pf tests: basic nat64 test case
pf tests: add a TCP test case for nat64
pf.conf.5: document af-to (aka nat64)
pfctl: change for af-to / NAT64 support.
pf: drop packets if they fail nat64 translation
pf: support nat64 for SCTP
pf: extra route lookup in pf_route(6)()
pf: fix state export in the face of NAT64
in: add in_mask2len()
pf: add post-NAT src/dst address/port to pf_pdesc
pf: partially import OpenBSD's NAT rewrite
Mon, Dec 16
Mon, Dec 16
pf: remove unused variable from pf_pdesc
pf: fix address range handling in pfr_pool_get()
pf: fix cleanup deadlock
kp added a comment to D48087: kyua: Add requirement resolver concept.
I generally share Mark's views. I was tempted to suggest we should rename it to 'load-kmods' or similar, but there's a somewhat reasonable path to it also being able to install required packages (even if that will require test modifications), so keeping the generic name seems sensible. If we do get to that point we should consider adding a 'kyua prepare' or something to take care of all of the requirements (i.e. kmods, packages) it knows about. That should let us run (most) tests with kyua prepare && kyua test on a new install. (That's very much a maybe someday sort of thing, we do not need that to proceed here.)
Sat, Dec 14
Sat, Dec 14
kp requested review of D48083: pf: fix address range handling in pfr_pool_get().
kp requested review of D48082: pf: fix cleanup deadlock.
pfctl: clear statistic for specified addresses
pfctl: clear statistic for specified addresses
Mon, Dec 9
Mon, Dec 9
kp added a comment to D47953: pf: Force logging if pf_create_state() fails.
Does this need an MFC tag too?
kp committed rG5b59b0c61e29: pfctl: add -T `reset` to touch pfras_tzero only for non-zero entries (authored by Leonid Evdokimov <leon+freebsd@darkk.net.ru>).
pfctl: add -T `reset` to touch pfras_tzero only for non-zero entries
Wed, Dec 4
Wed, Dec 4
LGTM. Approved regardless of how you choose to deal with the remarks I've raised.
pf: fold if (s != NULL) and if (s) into one block
Tue, Dec 3
Tue, Dec 3
kp committed rGc22c98798456: pf: fix potential NULL dereference in SCTP multihome handling (authored by kp).
pf: fix potential NULL dereference in SCTP multihome handling
kp committed rGdaad0b650135: LINT: Remove DTrace support, but leave the commented out option (authored by kp).
LINT: Remove DTrace support, but leave the commented out option
Mon, Dec 2
Mon, Dec 2
LINT: Remove DTrace support
kp committed rG928864a93594: fix build with LOCK_PROFILING but without KDTRACE_HOOKS (authored by kp).
fix build with LOCK_PROFILING but without KDTRACE_HOOKS
Fri, Nov 29
Fri, Nov 29
kp added inline comments to D47822: fix build with LOCK_PROFILING but without KDTRACE_HOOKS.
Approved.
kp updated the diff for D47822: fix build with LOCK_PROFILING but without KDTRACE_HOOKS.
Review remarks
Approved (without the 'draft' in the commit header line, of course).
Thu, Nov 28
Thu, Nov 28
kp updated the diff for D47822: fix build with LOCK_PROFILING but without KDTRACE_HOOKS.
review remarks
kp added a comment to D47827: Draft: pf: Move route-to information to pf_rule_actions.
I need to have a closer look again tomorrow, but this looks like a good idea.
It expects to be applied on top of D47770, right?
kp updated the diff for D47783: pf: partially import OpenBSD's NAT rewrite.
rename PF_RT_RPOOL/PF_RT_NAT
kp added inline comments to D47822: fix build with LOCK_PROFILING but without KDTRACE_HOOKS.
kp added inline comments to D47783: pf: partially import OpenBSD's NAT rewrite.
kp added inline comments to D47788: pf: extra route lookup in pf_route(6)().
kp added inline comments to D47783: pf: partially import OpenBSD's NAT rewrite.
kp added inline comments to D47788: pf: extra route lookup in pf_route(6)().
Wed, Nov 27
Wed, Nov 27
kp requested review of D47822: fix build with LOCK_PROFILING but without KDTRACE_HOOKS.