git: da8d8b22e69c - main - pf: fix ABI breakage
Kristof Provost
kp at FreeBSD.org
Wed Jul 28 12:21:51 UTC 2021
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=da8d8b22e69c72f1d001d55b5eff5acbb0265cfc
commit da8d8b22e69c72f1d001d55b5eff5acbb0265cfc
Author: Kristof Provost <kp at FreeBSD.org>
AuthorDate: 2021-07-28 09:24:44 +0000
Commit: Kristof Provost <kp at FreeBSD.org>
CommitDate: 2021-07-28 10:16:33 +0000
pf: fix ABI breakage
The introduction of synproxy support changed the size of struct
pf_status, which in turn broke the userspace ABI.
Revert the relevant change. More work is needed on the synproxy code to
keep and expose the counters, but in the mean time this restores the
ABI.
PR: 257469
MFC after: 3 days
Sponsored by: Modirum MDPay
---
sys/netpfil/pf/pf.h | 3 +--
sys/netpfil/pf/pf_syncookies.c | 1 -
2 files changed, 1 insertion(+), 3 deletions(-)
diff --git a/sys/netpfil/pf/pf.h b/sys/netpfil/pf/pf.h
index c8bf932af9c3..d8ee43506d99 100644
--- a/sys/netpfil/pf/pf.h
+++ b/sys/netpfil/pf/pf.h
@@ -160,8 +160,7 @@ enum { PF_ADDR_ADDRMASK, PF_ADDR_NOROUTE, PF_ADDR_DYNIFTL,
#define LCNT_SRCCONNRATE 4 /* max-src-conn-rate */
#define LCNT_OVERLOAD_TABLE 5 /* entry added to overload table */
#define LCNT_OVERLOAD_FLUSH 6 /* state entries flushed */
-#define LCNT_SYNCOOKIES_VALID 7 /* syncookies validated */ /* XXX TODO: Ensure no API breakage! */
-#define LCNT_MAX 8 /* total+1 */
+#define LCNT_MAX 7 /* total+1 */
#define LCNT_NAMES { \
"max states per rule", \
diff --git a/sys/netpfil/pf/pf_syncookies.c b/sys/netpfil/pf/pf_syncookies.c
index 8699ae855ec8..744a12e4e21d 100644
--- a/sys/netpfil/pf/pf_syncookies.c
+++ b/sys/netpfil/pf/pf_syncookies.c
@@ -275,7 +275,6 @@ pf_syncookie_validate(struct pf_pdesc *pd)
if ((ack & ~0xff) != (hash & ~0xff))
return (0);
- counter_u64_add(V_pf_status.lcounters[LCNT_SYNCOOKIES_VALID], 1);
return (1);
}
More information about the dev-commits-src-main
mailing list