svn commit: r278831 - head/sys/netpfil/pf
Gleb Smirnoff
glebius at FreeBSD.org
Tue Feb 17 21:50:56 UTC 2015
On Wed, Feb 18, 2015 at 01:40:36AM +0400, Sergey Kandaurov wrote:
S> On 17 February 2015 at 20:31, John-Mark Gurney <jmg at funkthat.com> wrote:
S> > Gleb Smirnoff wrote this message on Mon, Feb 16, 2015 at 03:38 +0000:
S> >> Author: glebius
S> >> Date: Mon Feb 16 03:38:27 2015
S> >> New Revision: 278831
S> >> URL: https://svnweb.freebsd.org/changeset/base/278831
S> >>
S> >> Log:
S> >> Update the pf fragment handling code to closer match recent OpenBSD.
S> >> That partially fixes IPv6 fragment handling. Thanks to Kristof for
S> >> working on that.
S> >>
S> >> Submitted by: Kristof Provost
S> >> Tested by: peter
S> >> Differential Revision: D1765
S> >
S> > Looks like pf_flush_fragments still called in !INET case, though only
S> > defined for INET case:
S> > /scratch/tmp/jmg/src.head/sys/modules/pf/../../netpfil/pf/pf_norm.c:385:3: error: implicit declaration of function 'pf_flush_fragments' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
S> > pf_flush_fragments();
S> >
S> > when compiling LINT-NOINET kernel..
S>
S> With the changes attached I got all three kernels with both cc compiled
S> (tested on MINI w/ MODULES_OVERRIDE=pf). Basically,
S> - pf_flush_fragments is improperly INET-only
S> - pf_find_fragment is properly declared, but its body is under INET
S> - pf_refragment6 / pf_reassemble6 are properly under INET6,
S> which is also under INET (the latter is wrong).
S> - bonus: some functions may be / were static'ized.
Thanks, looks very close to patch that I'm build testing now.
--
Totus tuus, Glebius.
More information about the svn-src-all
mailing list