Diffusion FreeBSD src repository fe3bb40b9e80

pf: fix dummynet + ipdivert use case
fe3bb40b9e80
Actions

Description

pf: fix dummynet + ipdivert use case

Dummynet re-injects an mbuf with MTAG_IPFW_RULE added, and the same mtag
is used by divert(4) as parameters for packet diversion.

If according to pf rule set a packet should go through dummynet first
and through ipdivert after then mentioned mtag must be removed after
dummynet not to make ipdivert think that this is its input parameters.

At the very beginning ipfw consumes this mtag what means the same
behavior with tag clearing after dummynet.

And after fabf705f4b5a pf passes parameters to ipdivert using its
personal MTAG_PF_DIVERT mtag.

PR: 274850
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D42609

Details

Provenance

igor.ostapenko_pm.me	Authored on Nov 17 2023, 4:04 PM
kp	Committed on Nov 17 2023, 4:06 PM

Reviewer

Differential Revision

D42609: pf: fix dummynet + ipdivert use case

Parents

rGb1538e8fc488: dirdeps: Fix libpcap Makefile.depend.options

Branches

Unknown

Tags

Unknown

Event Timeline

kp committed rGfe3bb40b9e80: pf: fix dummynet + ipdivert use case (authored by igor.ostapenko_pm.me).Nov 17 2023, 4:06 PM

kp added an edge: D42609: pf: fix dummynet + ipdivert use case.Nov 17 2023, 5:07 PM

kp mentioned this in rGf831517d862d: pf: fix dummynet + ipdivert use case.Nov 20 2023, 1:04 PM

Changes (2)

Path

Size

sys/

netpfil/

pf/

pf.c

tests/

sys/

netpfil/

pf/

divert-to.sh

rGfe3bb40b9e80

View Options

sys/netpfil/pf/pf.c