Date: Sat, 07 Nov 2015 17:39:15 -0500 From: Tom Uffner <tom@uffner.com> To: Kristof Provost <kp@FreeBSD.org> Cc: FreeBSD-Current <freebsd-current@FreeBSD.org> Subject: Re: r289932 causes pf reversion - breaks rules with broadcast destination Message-ID: <563E7D93.3030204@uffner.com> In-Reply-To: <20151106160610.GB2336@vega.codepro.be> References: <563AB177.6030809@uffner.com> <563B944A.50905@uffner.com> <20151106160610.GB2336@vega.codepro.be>
next in thread | previous in thread | raw e-mail | index | archive | help
Kristof Provost wrote:
> Can you give this a quick test:
>
> diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
> index 1dfc37d..762b82e 100644
> --- a/sys/netpfil/pf/pf.c
> +++ b/sys/netpfil/pf/pf.c
> @@ -1973,9 +1973,9 @@ pf_addr_wrap_neq(struct pf_addr_wrap *aw1, struct pf_addr_wrap *aw2)
> switch (aw1->type) {
> case PF_ADDR_ADDRMASK:
> case PF_ADDR_RANGE:
> - if (PF_ANEQ(&aw1->v.a.addr, &aw2->v.a.addr, 0))
> + if (PF_ANEQ(&aw1->v.a.addr, &aw2->v.a.addr, AF_INET6))
> return (1);
> - if (PF_ANEQ(&aw1->v.a.mask, &aw2->v.a.mask, 0))
> + if (PF_ANEQ(&aw1->v.a.mask, &aw2->v.a.mask, AF_INET6))
> return (1);
> return (0);
> case PF_ADDR_DYNIFTL:
Your patch appears to solve the problem. Thanks!
Also thank you for your quick response.
Sorry I took so long to reply, but I was getting bizarre results from
the "quick" test, and needed to fall back to a full kernel rebuild w/
a consistent set of sources to do a fair apples to apples comparison.
tom
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?563E7D93.3030204>