Page MenuHomeFreeBSD
People kp

kp (Kristof Provost)
Troubleshooter

Projects (6)
View All

User Details

User Since
Sep 28 2014, 7:22 PM (601 w, 2 d)

Recent Activity
View All

Yesterday

kp committed rG6642ba36f186: pf tests: explicitly test zeroing counters within an anchor (authored by kp).
pf tests: explicitly test zeroing counters within an anchor
Tue, Apr 7, 3:26 PM
kp added inline comments to D54172: Add Support for Geneve (RFC8926).
Tue, Apr 7, 12:25 PM

Fri, Apr 3

kp committed rG8ef0093f297a: truss: add support for decoding Netlink messages (authored by Ishan Agrawal <iagrawal9990@gmail.com>).
truss: add support for decoding Netlink messages
Fri, Apr 3, 6:55 AM

Mon, Mar 30

kp accepted D56113: pf: use hashalloc(9) for key, id, src-node and udp-endpoint hashes.

Ah, yes, thanks!

Mon, Mar 30, 8:03 PM
kp committed rG5b8ab97b3e4a: pfctl: parser must not ignore error from pfctl_optimize_ruleset() (authored by kp).
pfctl: parser must not ignore error from pfctl_optimize_ruleset()
Mon, Mar 30, 3:10 PM
kp committed rGc5e1dde24dac: pfctl: parser must not ignore error from pfctl_optimize_ruleset() (authored by kp).
pfctl: parser must not ignore error from pfctl_optimize_ruleset()
Mon, Mar 30, 3:09 PM
kp added a comment to D56113: pf: use hashalloc(9) for key, id, src-node and udp-endpoint hashes.

I'm seeing panics with this patch ("panic: lock "pf_keyhash" 0xfffffe00e8dffff8 already initialized").
I believe the problem is that hashalloc() allocates unzero'd memory, and which leads to incorrect assertions on the lock, if LO_INITIALIZED happens to be set in lo_flags.

Mon, Mar 30, 12:21 PM

Fri, Mar 27

kp added a comment to D55904: hash(9): introduce hashalloc()/hashfree() KPI.

I've had a quick look at making pf use this, and I have a minor annoyance.

Fri, Mar 27, 10:37 AM

Thu, Mar 26

kp accepted D55997: ifnet: Fix races in if_vmove_reclaim().
Thu, Mar 26, 1:23 PM

Wed, Mar 25

kp committed rG38f8ac568273: pf: Fix hashing of IP address ranges (authored by grembo).
pf: Fix hashing of IP address ranges
Wed, Mar 25, 10:55 AM
kp committed rGd107424a44b3: pf: Fix hashing of IP address ranges (authored by grembo).
pf: Fix hashing of IP address ranges
Wed, Mar 25, 10:55 AM
kp committed rG4311217a039c: pf: include all elements when hashing rules (authored by kp).
pf: include all elements when hashing rules
Wed, Mar 25, 10:55 AM
kp committed rGe224b9b867f4: pfctl: always warn if a duplicate rule was detected (authored by kp).
pfctl: always warn if a duplicate rule was detected
Wed, Mar 25, 10:55 AM
kp committed rG4e007734ff8e: pf tests: verify that we handle address range rules correctly (authored by kp).
pf tests: verify that we handle address range rules correctly
Wed, Mar 25, 10:55 AM
kp committed rG536751cb4e15: pf: include all elements when hashing rules (authored by kp).
pf: include all elements when hashing rules
Wed, Mar 25, 10:55 AM
kp committed rGac6bb58a715e: pf: Fix hashing of IP address ranges (authored by grembo).
pf: Fix hashing of IP address ranges
Wed, Mar 25, 10:55 AM
kp committed rG6666b2a0e7c2: pf tests: verify that we handle address range rules correctly (authored by kp).
pf tests: verify that we handle address range rules correctly
Wed, Mar 25, 10:55 AM
kp committed rGe3b801edded9: pf: include all elements when hashing rules (authored by kp).
pf: include all elements when hashing rules
Wed, Mar 25, 10:55 AM
kp committed rGe79818ec36ef: pfctl: always warn if a duplicate rule was detected (authored by kp).
pfctl: always warn if a duplicate rule was detected
Wed, Mar 25, 10:55 AM
kp committed rG958dbc87e9c5: pf tests: verify that we handle address range rules correctly (authored by kp).
pf tests: verify that we handle address range rules correctly
Wed, Mar 25, 10:54 AM

Tue, Mar 24

kp committed rGc6bcf6e6fd50: pf: include all elements when hashing rules (authored by kp).
pf: include all elements when hashing rules
Tue, Mar 24, 6:04 AM
kp committed rG1fa873c93c8b: pf: Fix hashing of IP address ranges (authored by grembo).
pf: Fix hashing of IP address ranges
Tue, Mar 24, 6:04 AM
kp committed rG66d66dd0f6f8: pfctl: always warn if a duplicate rule was detected (authored by kp).
pfctl: always warn if a duplicate rule was detected
Tue, Mar 24, 6:04 AM
kp committed rGab74151e8d09: pf tests: verify that we handle address range rules correctly (authored by kp).
pf tests: verify that we handle address range rules correctly
Tue, Mar 24, 6:04 AM

Sun, Mar 22

kp committed rG434e1c3d8413: pfctl tests: test rdr-to and nat-to in one rule (authored by kp).
pfctl tests: test rdr-to and nat-to in one rule
Sun, Mar 22, 7:24 AM
kp committed rG343ace42f82a: pfctl: parser must not ignore error from pfctl_optimize_ruleset() (authored by kp).
pfctl: parser must not ignore error from pfctl_optimize_ruleset()
Sun, Mar 22, 6:03 AM
kp committed rG0b0d34fd2f40: pf tests: verify first-match-wins for nat rules (authored by kp).
pf tests: verify first-match-wins for nat rules
Sun, Mar 22, 6:03 AM

Wed, Mar 18

kp committed rG9031b83ac133: pfctl: consistency (authored by Seth Hoffert <seth.hoffert@gmail.com>).
pfctl: consistency
Wed, Mar 18, 9:43 AM

Mon, Mar 16

kp accepted D55875: ifnet: Add some sanity checks.
Mon, Mar 16, 10:59 AM
kp accepted D55873: ifnet: Fix decreasing the vnet interface count.
Mon, Mar 16, 8:28 AM

Sun, Mar 15

kp added a reviewer for D55859: kyua: Add external setup and teardown mechanism: kp.
Sun, Mar 15, 12:39 AM

Thu, Mar 12

kp accepted D55804: carp: retire ioctl(2) API.
Thu, Mar 12, 1:15 PM
kp committed R11:d4dad47577db: net/libpfctl: add 14.4 version (authored by kp).
net/libpfctl: add 14.4 version
Thu, Mar 12, 10:41 AM

Mar 4 2026

kp committed rG36acf1bd32ed: pfctl: consistency (authored by Seth Hoffert <seth.hoffert@gmail.com>).
pfctl: consistency
Mar 4 2026, 4:21 PM
kp accepted D55558: fix global demotion counter to VRRP advertisements.
In D55558#1271287, @olivier wrote:
In D55558#1271271, @kp wrote:

I haven't debugged it any depth (and won't be able to before early next week), but the new test case fails for me:

(kp@nut)  /usr/tests/sys/netinet % sudo kyua debug carp:vrrp_preempt                                                                                                               [14:00]
net.inet.carp.preempt: 0 -> 1
net.inet.carp.preempt: 0 -> 1
	vrrp: MASTER vrid 2 prio 10 interval 100
Files left in work directory after failure: created_interfaces.lst, created_jails.lst
ifconfig: interface epair0b does not exist
ifconfig: interface epair1b does not exist
carp:vrrp_preempt  ->  failed: preemption did not affect the second interface

But it works on both my side, and on my VM lab:

olivier@workstation:/usr/tests/sys/netinet $ sudo kyua debug carp:vrrp_preempt
net.inet.carp.preempt: 0 -> 1
net.inet.carp.preempt: 0 -> 1
        vrrp: MASTER vrid 2 prio 10 interval 100
ifconfig: interface epair0b does not exist
ifconfig: interface epair1b does not exist
carp:vrrp_preempt  ->  passed
Mar 4 2026, 10:25 AM

Feb 27 2026

kp added a comment to D55558: fix global demotion counter to VRRP advertisements.

I haven't debugged it any depth (and won't be able to before early next week), but the new test case fails for me:

Feb 27 2026, 1:08 PM
kp added a comment to D55558: fix global demotion counter to VRRP advertisements.

One small issue is that this patch claims to move these files. That's clearly unintentional. Perhaps an artefact of how it was uploaded?

Feb 27 2026, 9:11 AM

Feb 25 2026

kp abandoned D50968: pf: limit extra SCTP states.

This is already in the tree, as cd0169c9379c400ec75b77e87ca770e37f964276. I managed to forget to add the 'differential revision' tag, so Phabricator didn't notice.

Feb 25 2026, 2:19 PM
kp committed rGb642867c2cc7: pf: avoid NULL deref on purged states (authored by kp).
pf: avoid NULL deref on purged states
Feb 25 2026, 1:42 PM

Feb 19 2026

kp committed rG4d0186cd12a7: libpfctl: Sort order of snl attribute parser (authored by eborisch_gmail.com).
libpfctl: Sort order of snl attribute parser
Feb 19 2026, 4:01 PM
kp committed rGdc7eb96ba945: pf tests: verify blocked count on log interface (authored by kp).
pf tests: verify blocked count on log interface
Feb 19 2026, 4:01 PM
kp accepted D55367: icmp6: Remove csum_flags on mbuf reused for ICMP message.

(Not tested, but that just seems sensible.)

Feb 19 2026, 12:47 PM

Feb 18 2026

kp committed rGd60082f16e4c: pf: avoid NULL deref on purged states (authored by kp).
pf: avoid NULL deref on purged states
Feb 18 2026, 10:27 PM

Feb 17 2026

kp committed rGf3a0e54656cc: pf: fix use of uninitialised variable (authored by kp).
pf: fix use of uninitialised variable
Feb 17 2026, 2:30 PM

Feb 16 2026

kp committed rG281282e9357b: pf: convert DIOCRTSTADDRS to netlink (authored by kp).
pf: convert DIOCRTSTADDRS to netlink
Feb 16 2026, 12:47 PM

Feb 12 2026

kp committed rG363b57d579ba: libpfctl: Sort order of snl attribute parser (authored by eborisch_gmail.com).
libpfctl: Sort order of snl attribute parser
Feb 12 2026, 9:40 PM
kp committed rGd03b6bb766f8: pf tests: verify blocked count on log interface (authored by kp).
pf tests: verify blocked count on log interface
Feb 12 2026, 9:40 PM
kp committed rG1e7665e36860: libpfctl: verify all parsers (authored by kp).
libpfctl: verify all parsers
Feb 12 2026, 9:40 PM
kp committed rGff2f3a6cc1b7: pf: fix pcounters array size (authored by kp).
pf: fix pcounters array size
Feb 12 2026, 2:16 PM

Feb 10 2026

kp committed rG950dedcd87af: pf: remove unused variable from pf_test_ctx (authored by kp).
pf: remove unused variable from pf_test_ctx
Feb 10 2026, 5:12 PM

Feb 9 2026

kp committed R11:7f4afbdfcf93: net/libpfctl: add 14.4 version (authored by kp).
net/libpfctl: add 14.4 version
Feb 9 2026, 5:04 PM

Feb 3 2026

kp committed rGfe9e4eb6f38a: pf: fix use of uninitialised variable (authored by kp).
pf: fix use of uninitialised variable
Feb 3 2026, 10:52 PM

Jan 28 2026

kp committed rG03094f3700be: if_ovpn: add interface counters (authored by kp).
if_ovpn: add interface counters
Jan 28 2026, 7:21 PM
kp committed rGd2d25d8fde2e: pfctl: allow new page character (^L) in pf.conf (authored by kp).
pfctl: allow new page character (^L) in pf.conf
Jan 28 2026, 7:21 PM
kp committed rG1b7a44fbc553: if_ovpn: add interface counters (authored by kp).
if_ovpn: add interface counters
Jan 28 2026, 7:21 PM
kp committed rG19709a0cd866: pfctl: allow new page character (^L) in pf.conf (authored by kp).
pfctl: allow new page character (^L) in pf.conf
Jan 28 2026, 7:21 PM

Jan 27 2026

kp accepted D54847: pf: Pass v6 packets to the divert socket.
Jan 27 2026, 11:05 AM

Jan 24 2026

kp accepted D54848: divert: Update divert.4 to mention pf.
Jan 24 2026, 11:42 AM
kp accepted D54846: pf tests: Set require.kmods in divert-to tests.
Jan 24 2026, 11:41 AM
kp accepted D54845: pf: Rationalize the ip_divert_ptr test.
Jan 24 2026, 11:41 AM

Jan 23 2026

kp accepted D19960: Remove support for RFC2675.
In D19960#1253517, @thj wrote:

I don't think there are any links with an mtu to carry 65,575, but if there
ever are I would expect to find some bugs.

Jan 23 2026, 2:16 PM

Jan 20 2026

kp committed rG2c42d62fd3a1: pf: fix min-ttl and set-tos for nat64 (authored by kp).
pf: fix min-ttl and set-tos for nat64
Jan 20 2026, 9:55 PM

Jan 19 2026

kp committed rG2e0e45a516b9: pfctl(8): change default limiter action from no-match to block (authored by kp).
pfctl(8): change default limiter action from no-match to block
Jan 19 2026, 10:58 PM

Jan 15 2026

kp committed rG21d666a19331: if_ovpn: add interface counters (authored by kp).
if_ovpn: add interface counters
Jan 15 2026, 5:15 PM

Jan 14 2026

kp committed rGfc353e5e61fa: pfctl: allow new page character (^L) in pf.conf (authored by kp).
pfctl: allow new page character (^L) in pf.conf
Jan 14 2026, 11:33 AM
kp added a comment to D54695: pf: tests: Introduce wait_for_process().

I'm not sure this is sufficient. It is still possible for tcpdump to have started, but not gotten to the point of actually opening the pflog device.

Jan 14 2026, 8:22 AM
kp committed rG3a609881c8c8: pf: remove unused function (authored by kp).
pf: remove unused function
Jan 14 2026, 8:07 AM
kp committed rG098febfcc155: pf tests: test block/no-match limiters (authored by kp).
pf tests: test block/no-match limiters
Jan 14 2026, 8:07 AM
kp committed rGe28dfd6b5557: pfctl: make the source limiter output match the input (authored by kp).
pfctl: make the source limiter output match the input
Jan 14 2026, 8:07 AM
kp committed rG8716d8c7d97e: pf: configurable action on limiter exceeded (authored by kp).
pf: configurable action on limiter exceeded
Jan 14 2026, 8:07 AM
kp committed rG1ee4405a00d7: pf: avoid a shadowed variable in the pf_create_state() source limiter handling (authored by kp).
pf: avoid a shadowed variable in the pf_create_state() source limiter handling
Jan 14 2026, 8:07 AM
kp committed rG393243a38d74: pfctl: ifa_load() in pfctl_parser.c may attempt to read beyond the buffer. (authored by kp).
pfctl: ifa_load() in pfctl_parser.c may attempt to read beyond the buffer.
Jan 14 2026, 8:07 AM
kp committed rG1550fcf802e3: pf.conf.5: s/State Limiter/&s/ in .Ss (authored by kp).
pf.conf.5: s/State Limiter/&s/ in .Ss
Jan 14 2026, 8:07 AM
kp committed rG7af7d6d61d41: pfctl: distinguish broadcast and PPP peer addresses (authored by kp).
pfctl: distinguish broadcast and PPP peer addresses
Jan 14 2026, 8:07 AM
kp committed rG95ee802f410f: pf: state/source limiter finishing touches (authored by kp).
pf: state/source limiter finishing touches
Jan 14 2026, 8:07 AM
kp committed rGf2d2d6f010e4: pf: remove redundant range checks (authored by kp).
pf: remove redundant range checks
Jan 14 2026, 8:07 AM
kp committed rG02126f8cb35c: pf.conf.5: spelling (authored by kp).
pf.conf.5: spelling
Jan 14 2026, 8:06 AM
kp committed rGa10e8e78c8d0: pf tests: basic state limiters test case (authored by kp).
pf tests: basic state limiters test case
Jan 14 2026, 8:06 AM
kp committed rGe3319f91900b: pf tests: extend the source limiter test (authored by kp).
pf tests: extend the source limiter test
Jan 14 2026, 8:06 AM
kp committed rG086a3cb4b850: pf tests: basic source limiters test case (authored by kp).
pf tests: basic source limiters test case
Jan 14 2026, 8:06 AM
kp committed rGcb7a5d9401d8: pf tests: state limiter rate test (authored by kp).
pf tests: state limiter rate test
Jan 14 2026, 8:06 AM
kp committed rG445a3c86e674: pfctl tests: basic source and state limiter tests (authored by kp).
pfctl tests: basic source and state limiter tests
Jan 14 2026, 8:06 AM
kp committed rG398ca30cb6d6: pfctl.8: mention -k source -k <IP> (authored by kp).
pfctl.8: mention -k source -k <IP>
Jan 14 2026, 8:06 AM
kp committed rG63d5d1b0b37e: pfctl: improve limiters printing (authored by kp).
pfctl: improve limiters printing
Jan 14 2026, 8:06 AM
kp committed rGaafa123641be: pfctl: resolve '-s' ambiguity (authored by kp).
pfctl: resolve '-s' ambiguity
Jan 14 2026, 8:06 AM
kp committed rGc72fb110e47f: pf: convert state limiter interface to netlink (authored by kp).
pf: convert state limiter interface to netlink
Jan 14 2026, 8:06 AM
kp committed rG461648121230: pf: introduce source and state limiters (authored by kp).
pf: introduce source and state limiters
Jan 14 2026, 8:06 AM

Jan 10 2026

kp committed rG71f4eb518cd9: pf: don't reject route-to'd too-large packets (authored by kp).
pf: don't reject route-to'd too-large packets
Jan 10 2026, 10:23 AM

Jan 8 2026

kp committed rG0df9054bc116: pf: handle nlattr_add_nested() failure (authored by kp).
pf: handle nlattr_add_nested() failure
Jan 8 2026, 12:28 PM
kp committed rGbf19253516ec: pf: remove redundant zeroing (authored by kp).
pf: remove redundant zeroing
Jan 8 2026, 12:28 PM

Jan 6 2026

kp accepted D54549: pf: tests: Require python3.
Jan 6 2026, 10:42 AM

Jan 3 2026

kp added a comment to D54382: MFC sys/netinet6: Implement RFC 7217 (private stable addresses).
In D54382#1242817, @madpilot wrote:

Forgot to add references:

[1] 9e792f7ef7298080c058fbc2d36a4e60e596dae9

Jan 3 2026, 12:04 PM

Jan 2 2026

kp committed rGfb476c703117: pf: sprinkle const over pf_addr_cmp() (authored by kp).
pf: sprinkle const over pf_addr_cmp()
Jan 2 2026, 4:19 PM

Dec 30 2025

kp committed rG4fecc8e3fe94: pfctl: remove duplicate "va" entry (authored by kp).
pfctl: remove duplicate "va" entry
Dec 30 2025, 11:29 PM
kp committed rG2eec2bcca297: pf tests: avoid cleanup failures on skipped tests (authored by kp).
pf tests: avoid cleanup failures on skipped tests
Dec 30 2025, 1:17 PM
kp committed rG96c7e70c18a4: pf: convert DIOCRCLRASTATS to netlink (authored by kp).
pf: convert DIOCRCLRASTATS to netlink
Dec 30 2025, 1:17 PM
kp committed rGc2e7a52374b3: pf: move DIOCRCLRASTATS into libpfctl (authored by kp).
pf: move DIOCRCLRASTATS into libpfctl
Dec 30 2025, 1:17 PM
kp committed rG190c1f3d9326: pfctl: allow network programs select DSCP_VA for network ToS (authored by kp).
pfctl: allow network programs select DSCP_VA for network ToS
Dec 30 2025, 1:17 PM

Dec 29 2025

kp committed rG261642478c8e: pf: handle TTL expired during nat64 (authored by kp).
pf: handle TTL expired during nat64
Dec 29 2025, 10:14 AM

Dec 26 2025

kp accepted D54363: kyua: Make "debug -p" skip writing stdout/stderr to tmp files.
Dec 26 2025, 3:08 PM