Page MenuHomeFreeBSD
Differential D48453

pf: add 'allow-related' to always allow SCTP multihome extra connections
ClosedPublic
Actions

Authored by kp on Jan 14 2025, 8:55 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Mar 2, 6:24 AM
Unknown Object (File)
Mon, Feb 10, 10:04 PM
Unknown Object (File)
Thu, Feb 6, 11:36 PM
Unknown Object (File)
Thu, Feb 6, 12:00 AM
Unknown Object (File)
Wed, Feb 5, 9:29 PM
Unknown Object (File)
Jan 30 2025, 4:26 AM
Unknown Object (File)
Jan 29 2025, 9:01 AM
Unknown Object (File)
Jan 26 2025, 6:01 PM
View All 16 Files
Subscribers
ae
farrokhi
glebius
imp
melifaro
vegeta_tuxpowered.net

Details

Reviewers
None
Group Reviewers
network
Commits
rG491f5e37ae45: pf: add 'allow-related' to always allow SCTP multihome extra connections
rGe4f2733df8c9: pf: add 'allow-related' to always allow SCTP multihome extra connections
Summary

Allow users to choose to allow permitted SCTP connections to set up additional
multihomed connections regardless of the ruleset. That is, allow an already
established connection to set up flows that would otherwise be disallowed.

In case of if-bound connections we initially set the extra associations to
be floating, because we don't know what path they'll be taking when they're
created. Once we see the first traffic we can bind them.

MFC after: 2 weeks
Sponsored by: Orange Business Services

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sbin/
pfctl/
21 lines
share/
man/
man5/
6 lines
sys/
net/
1 line
netpfil/
pf/
1 line
24 lines
tests/
sys/
netpfil/
pf/
76 lines

Diff 149414

View Options

sbin/pfctl/parse.y

Loading...
View Options

share/man/man5/pf.conf.5

Loading...
View Options

sys/net/pfvar.h

Loading...
View Options

sys/netpfil/pf/pf.h

Loading...
View Options

sys/netpfil/pf/pf.c

Loading...
View Options

tests/sys/netpfil/pf/sctp.py

Loading...