Diffusion FreeBSD src repository c6210cfd58f6

pf: fix if-bound with nat64
c6210cfd58f6
Actions

Description

pf: fix if-bound with nat64

Just as with reply-to rules we don't know what interface we will send this out
of until we create the state. Create new nat64 rules as floating, but bind them
to the appropriate interface on the first pf_route(), when we do know.

Set state policy if-bound for the nat64 tests to validate this.

See also: 6460322a0
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D47801

Details

Provenance

kp	Authored on Nov 15 2024, 3:29 PM

Differential Revision

D47801: pf: fix if-bound with nat64

Parents

rGd7e9df4fc67f: pfctl: print_rule: rename opts -> ropts

Branches

Unknown

Tags

Unknown

Event Timeline

kp committed rGc6210cfd58f6: pf: fix if-bound with nat64 (authored by kp).Dec 17 2024, 10:07 AM

kp added an edge: D47801: pf: fix if-bound with nat64.Dec 17 2024, 10:10 AM

Changes (2)

Path

Size

sys/

netpfil/

pf/

pf.c

tests/

sys/

netpfil/

pf/

nat64.sh

rGc6210cfd58f6

View Options

sys/netpfil/pf/pf.c