From nobody Tue Dec 17 10:08:16 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YCCDx3QfBz5h0vL; Tue, 17 Dec 2024 10:08:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YCCDx14Vtz4C8d; Tue, 17 Dec 2024 10:08:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1734430097; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=WYq0liV+0g1eF6Y2AIm5+KMhv14Qdqb4Aed2mIx5L0U=; b=ya3TB+LX5Za5X2JuUAXTXR0XbWJZ5N0E5a+HZgN2SZPhq1+s4qXvFapfxseI9a5LyM3Lwg SGbrNsNt8hLgt8/Hmv1ei/cVdIXhizw906F9BhrSzTAbd9sqdgUvZUio8ag0YSWhaStkyN jouAVySzD33VKGYzfrHCq0nPMCvyZIbYq8jhSERsz5XNgnN3PPsqEnG0rMKGtIiI/uMrQ6 zsPcQAA00xmVCUccgVRejjuci6JfzmVB0joBZ7Ecw50UMaCLLJKoaTM5PdJpNOOkkK2Xuy sFvpZz5VPkamaE+ZTqCLrb2/AggIIFDCQI1f3bNyQxdUBpirAC3xjFJetdJViQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1734430097; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=WYq0liV+0g1eF6Y2AIm5+KMhv14Qdqb4Aed2mIx5L0U=; b=bo94mE7Xpzb75J9afgHmHhfjiVR/LkEQnKJVWGIZrjO26kEopwIeUP+Anzrm/NfiOBVj8c aUnuw7aL/5oaq/Dl1k+BnZbssGNnNzFNuWMSuIRJVtJtbnkPNdzn9uDbcCXmobj2SOPw6g 340L+Ocd3aDAs0hyLskfdPgyuK3jsasD2H6wgmwrnhSh8vNranFdQLl5MqAgPqjNWnyT74 Xa2/qOKbwi/qiaf6ENv4yIQKbt/qpEkdsIddpbQZZxe/JEmoLp9owI/D4Vsjd7iXzEvohA L0ZCcsirXVV1ZOfrpqLCgl2T+qQW8XV5+zz3IehlyCobdz3rc/nIc2Hfz4Lsxg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1734430097; a=rsa-sha256; cv=none; b=CrOIL8r8RKgYxQlyKYJ7JZ92e1qTv/d5oz/TsmMU2w/fR1vX2r0vMz8532oeKCE+Z5NLiq OV+a2Aed0Oc+BF1h+6Jv/hHMibNqeyq3wHyxuQNF7mebu3/ZXgfWqz6+kDBxoB49lNrWW8 CznoadyabwwK8MPslMCPkSZYlOJ9p16gqSmxh8ziboNyDDlXDMCYc+D0Yy1AJZTDAKStka IpwJODdLFri6RB66oGMS8T1s+FmwUQYnX5ZvFdZfJeF9v/1PXmKPTTvJJfZQAc1GpPjORW bO4u6qM0ypPAuN28KaDEWkCatZwKwdo4Lj1Vcy0PaPxI7EIXm/6bcb/T2mouYg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4YCCDx0bkZzJjq; Tue, 17 Dec 2024 10:08:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4BHA8Gum025054; Tue, 17 Dec 2024 10:08:16 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4BHA8GVZ025051; Tue, 17 Dec 2024 10:08:16 GMT (envelope-from git) Date: Tue, 17 Dec 2024 10:08:16 GMT Message-Id: <202412171008.4BHA8GVZ025051@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kristof Provost Subject: git: 08a512019ccb - main - pf: fix dummynet + route-to for IPv6 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 08a512019ccb19d1e05d4069faa959a530256ec1 Auto-Submitted: auto-generated The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=08a512019ccb19d1e05d4069faa959a530256ec1 commit 08a512019ccb19d1e05d4069faa959a530256ec1 Author: Kristof Provost AuthorDate: 2024-12-12 12:41:42 +0000 Commit: Kristof Provost CommitDate: 2024-12-17 10:07:18 +0000 pf: fix dummynet + route-to for IPv6 Apply the fixes from c6f1116357904 and b8ef285f6cc6a to IPv6 as well. Ensure that when dummynet re-injects it does so in the correct direction, and uses the correct dummynet pipes. Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/pf.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 881b3cf91140..d9c0beb0169f 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -9130,6 +9130,28 @@ pf_route6(struct mbuf **m, struct pf_krule *r, struct ifnet *oifp, m0->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA_IPV6; } + if (pd->dir == PF_IN) { + uint16_t tmp; + /* + * Make sure dummynet gets the correct direction, in case it needs to + * re-inject later. + */ + pd->dir = PF_OUT; + + /* + * The following processing is actually the rest of the inbound processing, even + * though we've marked it as outbound (so we don't look through dummynet) and it + * happens after the outbound processing (pf_test(PF_OUT) above). + * Swap the dummynet pipe numbers, because it's going to come to the wrong + * conclusion about what direction it's processing, and we can't fix it or it + * will re-inject incorrectly. Swapping the pipe numbers means that its incorrect + * decision will pick the right pipe, and everything will mostly work as expected. + */ + tmp = pd->act.dnrpipe; + pd->act.dnrpipe = pd->act.dnpipe; + pd->act.dnpipe = tmp; + } + /* * If the packet is too large for the outgoing interface, * send back an icmp6 error.