git: 7ed8e4be2366 - main - pf: rudimentary counter fix for tables used in match rules
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 12 Feb 2025 19:39:11 UTC
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=7ed8e4be23664cb8b112a405114c9e4958d78fca commit 7ed8e4be23664cb8b112a405114c9e4958d78fca Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2025-02-06 18:26:11 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2025-02-12 19:38:39 +0000 pf: rudimentary counter fix for tables used in match rules Fixes an issue seen by reyk@ ok henning@ reyk@ Obtained from: OpenBSD, blambert <blambert@openbsd.org>, 96fa270faa Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/pf.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 6fdc0996324b..5c99cde4a9f4 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -10033,6 +10033,21 @@ pf_counters_inc(int action, struct pf_pdesc *pd, SLIST_FOREACH(ri, &s->match_rules, entry) { pf_counter_u64_add_protected(&ri->r->packets[dirndx], 1); pf_counter_u64_add_protected(&ri->r->bytes[dirndx], pd->tot_len); + + if (ri->r->src.addr.type == PF_ADDR_TABLE) + pfr_update_stats(ri->r->src.addr.p.tbl, + (s == NULL) ? pd->src : + &s->key[(s->direction == PF_IN)]-> + addr[(s->direction == PF_OUT)], + pd->af, pd->tot_len, dir == PF_OUT, + r->action == PF_PASS, ri->r->src.neg); + if (ri->r->dst.addr.type == PF_ADDR_TABLE) + pfr_update_stats(ri->r->dst.addr.p.tbl, + (s == NULL) ? pd->dst : + &s->key[(s->direction == PF_IN)]-> + addr[(s->direction == PF_IN)], + pd->af, pd->tot_len, dir == PF_OUT, + r->action == PF_PASS, ri->r->dst.neg); } }