r289932 causes pf reversion - breaks rules with broadcast destination
Tom Uffner
tom at uffner.com
Sat Nov 7 22:39:31 UTC 2015
Kristof Provost wrote:
> Can you give this a quick test:
>
> diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
> index 1dfc37d..762b82e 100644
> --- a/sys/netpfil/pf/pf.c
> +++ b/sys/netpfil/pf/pf.c
> @@ -1973,9 +1973,9 @@ pf_addr_wrap_neq(struct pf_addr_wrap *aw1, struct pf_addr_wrap *aw2)
> switch (aw1->type) {
> case PF_ADDR_ADDRMASK:
> case PF_ADDR_RANGE:
> - if (PF_ANEQ(&aw1->v.a.addr, &aw2->v.a.addr, 0))
> + if (PF_ANEQ(&aw1->v.a.addr, &aw2->v.a.addr, AF_INET6))
> return (1);
> - if (PF_ANEQ(&aw1->v.a.mask, &aw2->v.a.mask, 0))
> + if (PF_ANEQ(&aw1->v.a.mask, &aw2->v.a.mask, AF_INET6))
> return (1);
> return (0);
> case PF_ADDR_DYNIFTL:
Your patch appears to solve the problem. Thanks!
Also thank you for your quick response.
Sorry I took so long to reply, but I was getting bizarre results from
the "quick" test, and needed to fall back to a full kernel rebuild w/
a consistent set of sources to do a fair apples to apples comparison.
tom
More information about the freebsd-current
mailing list