Date: Fri, 24 Nov 2023 14:10:48 GMT
Message-Id: <202311241410.3AOEAmSJ025097@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
From: Kristof Provost
Subject: git: 4b25aa8d20ba - stable/14 - pf: skip urpf check for sctp multihomed states
List-Id: Commit messages for all branches of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
Sender: owner-dev-commits-src-all@freebsd.org
X-Git-Committer: kp
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 4b25aa8d20ba22dea992d7893ac074d5d54ac807
Auto-Submitted: auto-generated

The branch stable/14 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=4b25aa8d20ba22dea992d7893ac074d5d54ac807

commit 4b25aa8d20ba22dea992d7893ac074d5d54ac807
Author: Kristof Provost
AuthorDate: 2023-11-16 19:55:02 +0000
Commit: Kristof Provost
CommitDate: 2023-11-24 09:20:32 +0000

    pf: skip urpf check for sctp multihomed states

    When we create a new state for multihomed sctp connections (i.e. based
    on INIT/INIT_ACK or ASCONF parameters) we cannot know what interfaces
    we'll be seeing that traffic on.
    These states are floating states, i.e. on "all" interfaces.

    We cannot do reverse path filtering for these states, so do not do so.

    MFC after: 1 week
    Sponsored by: Orange Business Services

    (cherry picked from commit a8dbbeb1c71b6f302818b8e041a2b50486b90180)
---
 sys/netpfil/pf/pf.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index a9870ebe166b..082987d34b07 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -7160,6 +7160,9 @@ pf_routable(struct pf_addr *addr, sa_family_t af, struct pfi_kkif *kif, if (af != AF_INET && af != AF_INET6) return (0); + if (kif == V_pfi_all) + return (1); + /* Skip checks for ipsec interfaces */ if (kif != NULL && kif->pfik_ifp->if_type == IFT_ENC) return (1);
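
Review bot: The early return added near the top of pf_routable(), `if (kif == V_pfi_all) return (1);`, has no comment, unlike the ipsec check directly below it (`/* Skip checks for ipsec interfaces */`), and it is keyed on the interface alone, so it applies to every caller that passes V_pfi_all, not only the SCTP multihomed states the commit message describes. I would add a one-line comment above it saying that floating states on "all" interfaces cannot be reverse-path checked, and state there that skipping the check for any such caller is intended. The new test also sits after the address-family check, so a V_pfi_all lookup with a family other than AF_INET or AF_INET6 still returns 0; worth confirming that ordering is what you want.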