Differential D47790

pfctl: change for af-to / NAT64 support.
ClosedPublic
Actions

Authored by kp on Nov 27 2024, 4:42 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Tue, Apr 22, 1:35 PM

	Unknown Object (File)
	Mon, Apr 21, 6:43 AM

	Unknown Object (File)
	Mon, Apr 21, 5:40 AM

	Unknown Object (File)
	Sun, Apr 20, 10:35 PM

	Unknown Object (File)
	Sun, Apr 20, 10:19 PM

	Unknown Object (File)
	Sun, Apr 20, 9:19 PM

	Unknown Object (File)
	Mar 2 2025, 10:46 PM

	Unknown Object (File)
	Mar 2 2025, 3:57 PM

View All 22 Files

Subscribers

vegeta_tuxpowered.net

Details

Reviewers

None

Group Reviewers

pfsense
network

Commits

rGaa69fdf1542d: pfctl: change for af-to / NAT64 support.

Summary

The general syntax is:
pass in inet from any to 192.168.1.1 af-to inet6 from 2001::1 to 2001::2
In the NAT64 case the "to" is not needed in af-to and the IP is extraced
from the IPv6 dst (assuming a /64 prefix).
Again most work by sperreault@, mikeb@ and reyk@
OK mcbride@, put it in deraadt@

Obtained from: OpenBSD, claudio <claudio@openbsd.org>, 0cde32ce3f
Sponsored by: Rubicon Communications, LLC ("Netgate")

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 60824
Build 57708: arc lint + arc unit

Event Timeline

kp created this revision.Nov 27 2024, 4:42 PM

Herald added subscribers: vegeta_tuxpowered.net, glebius, melifaro and 3 others. · View Herald TranscriptNov 27 2024, 4:42 PM

kp requested review of this revision.Nov 27 2024, 4:42 PM

Harbormaster completed remote builds in B60824: Diff 147049.Nov 27 2024, 4:42 PM

kp added a parent revision: D47789: pf: support nat64 for SCTP.Nov 27 2024, 4:42 PM

kp added a child revision: D47791: pf tests: basic nat64 test case.

This revision was not accepted when it landed; it landed in state Needs Review.Dec 17 2024, 10:09 AM

Closed by commit rGaa69fdf1542d: pfctl: change for af-to / NAT64 support. (authored by kp). · Explain Why

This revision was automatically updated to reflect the committed changes.

kp added a commit: rGaa69fdf1542d: pfctl: change for af-to / NAT64 support..

Revision Contents
Changeset List

Path

Size

lib/

libpfctl/

7 lines

13 lines

sbin/

pfctl/

188 lines

pf_print_state.c

20 lines

38 lines

19 lines

sys/

net/

1 line

netpfil/

pf/

1 line

1 line

Diff 147049

lib/libpfctl/libpfctl.h

Loading...

lib/libpfctl/libpfctl.c

Loading...

sbin/pfctl/parse.y

Loading...

sbin/pfctl/pf_print_state.c

Loading...

sbin/pfctl/pfctl.c

Loading...

sbin/pfctl/pfctl_parser.c

Loading...

sys/net/pfvar.h

Loading...

sys/netpfil/pf/pf_nl.h

Loading...

sys/netpfil/pf/pf_nl.c

Loading...