kern/158997: [patch] pf in head,
pfioc_state_kill in pf(4) does not reflect pfioc_state_kill in
sys/pf/net/pfvar.h
Olli Hauer
ohauer at FreeBSD.org
Sun Jul 17 15:40:09 UTC 2011
>Number: 158997
>Category: kern
>Synopsis: [patch] pf in head, pfioc_state_kill in pf(4) does not reflect pfioc_state_kill in sys/pf/net/pfvar.h
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sun Jul 17 15:40:08 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Olli Hauer
>Release:
>Organization:
>Environment:
>Description:
The pfioc_state_kill in pf(4) does not reflect pfioc_state_kill in sys/pf/net/pfvar.h
Documentation was also wrong in OpenBSD45.
I send a correction request already to the freebsd-pf@ list a view weeks ago,
but the following patch is more accurate.
http://lists.freebsd.org/pipermail/freebsd-pf/2011-June/006193.html
It will be nice if this trival fix can be included even code freeze is in place.
>How-To-Repeat:
compair pfioc_state_kill in contrib/man/pf.4 and sys/pf/net/pfvar.h
>Fix:
patch against head in svn.
--- pf_head.diff begins here ---
Index: head/contrib/pf/man/pf.4
===================================================================
--- head/contrib/pf/man/pf.4 (revision 224128)
+++ head/contrib/pf/man/pf.4 (working copy)
@@ -308,14 +308,17 @@
.It Dv DIOCKILLSTATES Fa "struct pfioc_state_kill *psk"
Remove matching entries from the state table.
This ioctl returns the number of killed states in
-.Va psk_af .
+.Va psk_killed .
.Bd -literal
struct pfioc_state_kill {
+ struct pf_state_cmp psk_pfcmp;
sa_family_t psk_af;
int psk_proto;
struct pf_rule_addr psk_src;
struct pf_rule_addr psk_dst;
char psk_ifname[IFNAMSIZ];
+ char psk_label[PF_RULE_LABEL_SIZE];
+ u_int psk_killed;
};
.Ed
.It Dv DIOCCLRSTATES Fa "struct pfioc_state_kill *psk"
--- pf_head.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list