From nobody Tue Dec 17 10:08:07 2024 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YCCDm1pDBz5h0wd; Tue, 17 Dec 2024 10:08:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YCCDm0Qzsz4BGk; Tue, 17 Dec 2024 10:08:08 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1734430088; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=o7aowNiX0b6U161kppvNB7pTyvSzM7AW9bdA9TbqjQY=; b=jH6vBmE5WsthxjSBaIemdvgwJA2SbqbJcBQalzQpcZThBaaxNL6sJ86jpmn32kTke7D5PQ j6lCWv/d9eEVYsP5iSiPkTr3venlqJf9NBBpRUxYnoaVPK+cUpbd9h5hhY3EnI8M2jpPtM eqW+EJ82m2aMxEfQe88U4doyEvA4FWd/Tj4ADp9RkqB6mFe4cgT8B7+6SYt8cpAxbzjH3x yEw8X9frID6LZE0LLdM37kIiXoCSUVEz4a3HM1hofmbBOfsB0HLpkHQng5RgWqGxIDFNM2 N0INBkP0DIe6ay2FibM1dDTLqjG3mmRI3lnctVNaScnX0Eo6PfEzC1S7lMDkPw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1734430088; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=o7aowNiX0b6U161kppvNB7pTyvSzM7AW9bdA9TbqjQY=; b=TgElAN2VBoVgqUtYlojEqOc+sbnpVcea0W2Uq63yNYEYDPtfLg1nRDwGwULZI757cxZ4vc eM8nHDVYuDCFw7CZPYlpaZGBJqQSUD7YZ2Tnfeqs3KbAkllCn2BYONFugL+OdTzglShu+O tKBh1IR0S7BgnYHh8tVsjXmoQv5blcEWrw1Kr1Y7XSyS9s2qBJw+jiYc5gbSD0dgz0fFzq R7oyWnRWx/8tB/gYvUaGIvbjOFyxT8hFlosANx7MPjCPXkHFCOPhnEeIlnwpZMxP1daFR7 umDcuyRF3hBcvcrWfdo+TjNeYdyHiLW8dcfIWA8DEV2mgQsIYlpI4gZ6g8/2Og== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1734430088; a=rsa-sha256; cv=none; b=Rv07S6lqGbnkoikhsmEZ2nU4pGg3cpFMstBvDVj4QGOr6TMEG1GUYlA6a0J2dy/TdhNz27 dc5xB12wFjZVFciDzfzf2BK3U2NEgAj2qOnuADR0lCa0f7xPEAtMuIzccANdCBvhAwv/Fg iE0ZVsKiUkk74VAjv2DpF+7DpV0r05TciaTqFNUBYL0cnVDViZohoTO53BfkTrftRKaHuu BZIRn5KmIo8JQsPazzy8cuYzQ+H8jgf0UP+OaohyUrU31sgrOJQMwKwuHwisMf3qrSGSIv 9GxO3VC1WjYXerylIzOPQ/r2N/a/q8sAshvuUGNDomaMlqIC1F9COX3a51z41g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4YCCDm02ckzJXH; Tue, 17 Dec 2024 10:08:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4BHA87Nv024603; Tue, 17 Dec 2024 10:08:07 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4BHA87mF024600; Tue, 17 Dec 2024 10:08:07 GMT (envelope-from git) Date: Tue, 17 Dec 2024 10:08:07 GMT Message-Id: <202412171008.4BHA87mF024600@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kristof Provost Subject: git: 1df79d81343d - main - pf: preserve TOS with nat64 List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 1df79d81343dc7683a234708e1852a8e368dbed2 Auto-Submitted: auto-generated The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=1df79d81343dc7683a234708e1852a8e368dbed2 commit 1df79d81343dc7683a234708e1852a8e368dbed2 Author: Kristof Provost AuthorDate: 2024-12-02 16:50:02 +0000 Commit: Kristof Provost CommitDate: 2024-12-17 10:07:17 +0000 pf: preserve TOS with nat64 When translating packets from one address family to another, pass the TOS/Traffic Class field of the original packet. Discussed with mikeb@ Obtained from: OpenBSD, jca , fd92f2bb4f Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/pf.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 13a299a8dcd4..881b3cf91140 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -3460,6 +3460,7 @@ pf_translate_af(struct pf_pdesc *pd) bzero(ip4, hlen); ip4->ip_v = IPVERSION; ip4->ip_hl = hlen >> 2; + ip4->ip_tos = pd->tos; ip4->ip_len = htons(hlen + (pd->tot_len - pd->off)); ip_fillid(ip4); ip4->ip_ttl = pd->ttl; @@ -3473,6 +3474,7 @@ pf_translate_af(struct pf_pdesc *pd) ip6 = mtod(pd->m, struct ip6_hdr *); bzero(ip6, hlen); ip6->ip6_vfc = IPV6_VERSION; + ip6->ip6_flow |= htonl((u_int32_t)pd->tos << 20); ip6->ip6_plen = htons(pd->tot_len - pd->off); ip6->ip6_nxt = pd->proto; if (!pd->ttl || pd->ttl > IPV6_DEFHLIM)