From nobody Thu Sep 05 07:35:37 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WzrkK4cgLz5VX4P; Thu, 05 Sep 2024 07:35:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WzrkK3FKsz4Y12; Thu, 5 Sep 2024 07:35:37 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1725521737; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=XaqIKGhPK8velwWfRXib9njR9E6Oc1QvIjJo9hIbQC0=; b=UAqQ6wE+kmGC1Q2p48c8JyDHiCXUyxQ8lD0oqd2Mt81uVq9VQM4/k2uv4I0cBuK2uA4Nu4 k0rnWRTTbBz6mX3IYByU/jGVlEThI8LMm2RLK/st7FtEYr1VyzG/0X0clV1pTLbzHu5Jpx uA8/MV0nNeZmTocASRsMfFVrENa2Ohx4UXmxTek+Kwa3U0/oiZe2oZSQVgairfRIyE3mo+ iSrQrEycD3lTuilrlGCmupErepXIU1ANfs2DFatxWXWiBhHLjNCEvnljH/RdooTh1ZPW+n Mt4xxLCsrOCoTxYwYlhHi38RrgKDLgPZ97O7fJB4AYzbDUPQe5CL7qYc79YGOA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725521737; a=rsa-sha256; cv=none; b=gP+GcP5dooZnbL6HcUBYYnKtc33leDm3aXWhjClcv88SejkmCjpWg+PnpPxE3Wqcs5/GI5 cgc4E7VQaqYwXzKn+61l1xgQq/MYS9CDGr+94FC6ES324bATq4UqGmMzhiK/yMgJMlA6Pa 4EJy4iipgyawPAE3nWLi+dtBFjhXcLuC8ijl3Wi7XMi7cqncrDmHIvlCFY2I2k/pkBnj+y xgeiLLt98NUa5oKe3i3aha3P7TyzFSvDR4otCogs545T7hdlchEG0m2W6H7YK5strRtiVo WrxUBkcCTf+RvkBJB4VLq0aOyV23+IGMkxfL1rBxZBZ3VJnqsvFUOo6NYJB5KA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1725521737; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=XaqIKGhPK8velwWfRXib9njR9E6Oc1QvIjJo9hIbQC0=; b=yt/PGM4+F5ekC9b36HodJdY5072/fIPLgblN8GSW3qpssBX20Xh8F0Z7medbngt5OMm6Ev Yr1/wxbXrYuEJTAxzeJ88xfxwn30pC/K7HpoyDxLc6ST9s6eFh/0RCUGIe5HitPNaL+NJ1 bnHpApNfUFNNLZKFt4uRN+lgIKMdzp3WQDEjGr2itU2WNAHiASK5QZzW0Toi3kjGkMPse7 HqhWL92/r6W5gqFN+twldH8ahMXA5JiJEy02D4UxNvB/Hy7oRTANG5uNgJNxSscmiUmF7m TDT6BxiMxunEawO2jRdsz71DAPXVHHn4ooU/wXIr9b9knGgD6yS3FFpEwWYPWg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WzrkK2rl0z105D; Thu, 5 Sep 2024 07:35:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4857Zbcm037111; Thu, 5 Sep 2024 07:35:37 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4857ZbAe037108; Thu, 5 Sep 2024 07:35:37 GMT (envelope-from git) Date: Thu, 5 Sep 2024 07:35:37 GMT Message-Id: <202409050735.4857ZbAe037108@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 183076d24478 - releng/13.4 - pf: try to lookup the icmp state based on a correct packet descriptor List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.4 X-Git-Reftype: branch X-Git-Commit: 183076d24478091246cd5928e31d57d21e417c0f Auto-Submitted: auto-generated The branch releng/13.4 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=183076d24478091246cd5928e31d57d21e417c0f commit 183076d24478091246cd5928e31d57d21e417c0f Author: Kristof Provost AuthorDate: 2024-08-26 14:42:05 +0000 Commit: Kristof Provost CommitDate: 2024-09-05 07:34:52 +0000 pf: try to lookup the icmp state based on a correct packet descriptor MFC after: 1 week Obtained from: OpenBSD, mikeb , e467ea25dcd3 Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit b8cd169efa6ac0899b4998898129765ae5c685a6) (cherry picked from commit fa4b64836183c33631d92dadb073a9e435c5bf6d) Approved-by: re (cperciva) --- sys/netpfil/pf/pf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 64f731d4ae53..0991cd39f332 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -6623,11 +6623,11 @@ pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif pd->dir, kif, virtual_id, virtual_type, icmp_dir, &iidx, PF_ICMP_MULTI_NONE, 1); if (ret >= 0) { - if (ret == PF_DROP && pd->af == AF_INET6 && + if (ret == PF_DROP && pd2.af == AF_INET6 && icmp_dir == PF_OUT) { if (*state != NULL) PF_STATE_UNLOCK((*state)); - ret = pf_icmp_state_lookup(&key, pd, + ret = pf_icmp_state_lookup(&key, &pd2, state, m, off, pd->dir, kif, virtual_id, virtual_type, icmp_dir, &iidx, multi, 1);