Page MenuHomeFreeBSD
Differential D48453

pf: add 'allow-related' to always allow SCTP multihome extra connections
ClosedPublic
Actions

Authored by kp on Jan 14 2025, 8:55 AM.
Tags
None
Referenced Files
F115661587: D48453.id149414.diff
Sat, Apr 26, 6:00 PM
F115644760: D48453.diff
Sat, Apr 26, 11:49 AM
Unknown Object (File)
Thu, Apr 10, 10:18 AM
Unknown Object (File)
Mar 2 2025, 6:24 AM
Unknown Object (File)
Feb 10 2025, 10:04 PM
Unknown Object (File)
Feb 6 2025, 11:36 PM
Unknown Object (File)
Feb 6 2025, 12:00 AM
Unknown Object (File)
Feb 5 2025, 9:29 PM
View All 19 Files
Subscribers
ae
farrokhi
glebius
imp
melifaro
vegeta_tuxpowered.net

Details

Reviewers
None
Group Reviewers
network
Commits
rG491f5e37ae45: pf: add 'allow-related' to always allow SCTP multihome extra connections
rGe4f2733df8c9: pf: add 'allow-related' to always allow SCTP multihome extra connections
Summary

Allow users to choose to allow permitted SCTP connections to set up additional
multihomed connections regardless of the ruleset. That is, allow an already
established connection to set up flows that would otherwise be disallowed.

In case of if-bound connections we initially set the extra associations to
be floating, because we don't know what path they'll be taking when they're
created. Once we see the first traffic we can bind them.

MFC after: 2 weeks
Sponsored by: Orange Business Services

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 61710
Build 58594: arc lint + arc unit

Revision Contents
Changeset List

PathSize
sbin/
pfctl/
21 lines
share/
man/
man5/
6 lines
sys/
net/
1 line
netpfil/
pf/
1 line
24 lines
tests/
sys/
netpfil/
pf/
76 lines

Diff 149221

View Options

sbin/pfctl/parse.y

Loading...
View Options

share/man/man5/pf.conf.5

Loading...
View Options

sys/net/pfvar.h

Loading...
View Options

sys/netpfil/pf/pf.h

Loading...
View Options

sys/netpfil/pf/pf.c

Loading...
View Options

tests/sys/netpfil/pf/sctp.py

Loading...