♟ vegeta_tuxpowered.net

pf: Make nat-to and rdr-to work properly both on in and out rules

Reworked the patch against the doc repo, removed hashes of commits already present in FreeBSD 14, added sponsoring information.

Remove the information about the new "scrub" syntax because that has been included in FreeBSD 14.

pf: Check if source nodes use a valid redirection address

pf: Make nat-to and rdr-to work properly both on in and out rules

Don't forbid address translation on non-usual direction, since OpenBSD allows it too. Enable the test for nat-to on inbound direction.

Restore the proper patch

pf: Fix rule and state counters

pf: Fix interface counters for af-to rules

pf: Always skip outbound filtering for inbound af-to rules

pf: Fix interface binding for af-to with route-to

pf: Add pfsync protocol for FreeBSD 15

pf: Fix interface counters for af-to rules

pf: Fix rule and state counters

pf: Always skip outbound filtering for inbound af-to rules

pf: Fix interface binding for af-to with route-to

pf: Add pfsync protocol for FreeBSD 15

Fix the altq_queues test.

Update the man page for pfsync.

Fix struct alignment. Add a test for rt_af, document why it can't check all cases yet.

pf: Add prefer-ipv6-nexthop option for route-to pools

Remove syncing of altq queue names, sync their IDs instead. The queue names are very long and if queues are kept identical on both routers, it will still work fine. Improve locking in tagname2tag().

Fixed spelling mistakes, added pfctl tests.

In D51789#1183098, @kp wrote:

No objection, but things just build even on LINT-NOINET6 kernels without this change, so I'm not sure what the motivation is.

pf tests: Improve tests for af-to

pf: Use different address family for source and redirection address

pfctl: Use sa_family_t for af instead of int

Trim too long lines, update comments.

pf tests: Fix rdr pass test to really use 'pass … rdr-to' syntax

pf tests: Add jail configuration for route_to and ipv6-nexthop tests

pf: Prevent infinite looping over tables in round-robin pools

pf: Fix error handling when pf_map_addr() fails

I have pushed the commit without proper footer by mistake, so I'm closing this manually.

pf: Don't access sk and nk before they are allocated

vegeta_tuxpowered.net (Kajetan Staszkiewicz)
User

Projects

User Details

Recent Activity
View All

Tue, Nov 11

Mon, Nov 10

Sat, Nov 1

Thu, Oct 30

Wed, Oct 22

Tue, Oct 21

Mon, Oct 20

Oct 1 2025

Sep 28 2025

Sep 23 2025

Sep 17 2025

Sep 16 2025

Sep 9 2025

Aug 30 2025

Aug 29 2025

Aug 28 2025

Aug 27 2025

Aug 22 2025

Aug 8 2025

Aug 7 2025

Aug 5 2025

Aug 1 2025

Jul 31 2025

Jul 13 2025

Jul 12 2025

vegeta_tuxpowered.net (Kajetan Staszkiewicz)User