Page MenuHomeFreeBSD
Differential D36886

pf tests: test fast port re-use with syncookies
ClosedPublic
Actions

Authored by kp on Oct 5 2022, 4:38 PM.
Tags
None
Referenced Files
F102821218: D36886.diff
Sun, Nov 17, 3:15 PM
Unknown Object (File)
Oct 13 2024, 7:22 AM
Unknown Object (File)
Oct 13 2024, 7:22 AM
Unknown Object (File)
Oct 13 2024, 7:21 AM
Unknown Object (File)
Oct 13 2024, 7:18 AM
Unknown Object (File)
Sep 18 2024, 3:05 AM
Unknown Object (File)
Sep 17 2024, 3:29 AM
Unknown Object (File)
Sep 16 2024, 7:43 AM
View All 36 Files
Subscribers
farrokhi
glebius
imp
melifaro

Details

Reviewers
None
Group Reviewers
network
Commits
rG1279c260c053: pf tests: test fast port re-use with syncookies
rG2cfb60783900: pf tests: test fast port re-use with syncookies
rGdc698b2cd59e: pf tests: test fast port re-use with syncookies
Summary

When a src/dst ip/port tuple is re-used before the pf state fully
expires we clean up the state and create a new one, unless syncookies
are enabled.

Test this, by running two back-to-back nc sessions, with a fixed source
port. Move the interface and IP to a different (vnet) jail, to trick the
network stack into letting us do this.

MFC after: 1 week
Event: Aberdeen hackathon 2022

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 47699
Build 44586: arc lint + arc unit

Event Timeline

kp created this revision.Oct 5 2022, 4:38 PM
Herald added subscribers: glebius, melifaro, farrokhi, imp. · View Herald TranscriptOct 5 2022, 4:38 PM
kp requested review of this revision.Oct 5 2022, 4:38 PM
Harbormaster completed remote builds in B47699: Diff 111472.Oct 5 2022, 4:38 PM
kp added a comment.Oct 5 2022, 4:47 PM

Note that this tests for a bug that's not fixed yet, so it can't land until that's done.

This revision was not accepted when it landed; it landed in state Needs Review.Jan 13 2023, 10:17 AM
Closed by commit rGdc698b2cd59e: pf tests: test fast port re-use with syncookies (authored by kp). · Explain Why
This revision was automatically updated to reflect the committed changes.
kp added a commit: rGdc698b2cd59e: pf tests: test fast port re-use with syncookies.
kp added a commit: rG2cfb60783900: pf tests: test fast port re-use with syncookies.Jan 28 2023, 1:40 AM
kp added a commit: rG1279c260c053: pf tests: test fast port re-use with syncookies.

Revision Contents
Changeset List

PathSize
tests/
sys/
netpfil/
pf/
57 lines

Diff 111472

View Options

tests/sys/netpfil/pf/syncookie.sh

Loading...