Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 8 Jul 2021 11:50:30 GMT
From:      Kristof Provost <kp@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 4f5a2009ad8a - stable/13 - ftp-proxy: Revert incorrect migration to libpfctl
Message-ID:  <202107081150.168BoUPN011127@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch stable/13 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=4f5a2009ad8ad98a457ddecb63fe1ed8a968226d

commit 4f5a2009ad8ad98a457ddecb63fe1ed8a968226d
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2021-07-01 15:16:10 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2021-07-08 06:46:54 +0000

    ftp-proxy: Revert incorrect migration to libpfctl
    
    libpfctl supports creating rules, but not (yet) adding addresses to a
    pool. Adding addresses certainly does not work through adding a rule.
    
    PR:             256917
    MFC after:      1 week
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 8923ea6c867fd75b08b76883ec122c429a4018f9)
---
 contrib/pf/ftp-proxy/filter.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/contrib/pf/ftp-proxy/filter.c b/contrib/pf/ftp-proxy/filter.c
index dad6324808bc..e4787985e99f 100644
--- a/contrib/pf/ftp-proxy/filter.c
+++ b/contrib/pf/ftp-proxy/filter.c
@@ -103,8 +103,7 @@ add_nat(u_int32_t id, struct sockaddr *src, struct sockaddr *dst,
 		    &satosin6(nat)->sin6_addr.s6_addr, 16);
 		memset(&pfp.addr.addr.v.a.mask.addr8, 255, 16);
 	}
-	if (pfctl_add_rule(dev, &pfrule, pfanchor, pfanchor_call,
-	    pfticket, pfpool_ticket))
+	if (ioctl(dev, DIOCADDADDR, &pfp) == -1)
 		return (-1);
 
 	pfrule.rpool.proxy_port[0] = nat_range_low;
@@ -138,8 +137,7 @@ add_rdr(u_int32_t id, struct sockaddr *src, struct sockaddr *dst,
 		    &satosin6(rdr)->sin6_addr.s6_addr, 16);
 		memset(&pfp.addr.addr.v.a.mask.addr8, 255, 16);
 	}
-	if (pfctl_add_rule(dev, &pfrule, pfanchor, pfanchor_call,
-	    pfticket, pfpool_ticket))
+	if (ioctl(dev, DIOCADDADDR, &pfp) == -1)
 		return (-1);
 
 	pfrule.rpool.proxy_port[0] = rdr_port;

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202107081150.168BoUPN011127>