git: pf: Fix 'set skip on' for interface groups
Aaron LI
aly at crater.dragonflybsd.org
Sat Apr 30 22:09:51 PDT 2022
commit 1f4644306e2abec3b56e1ef6ef21613ff4c991ad
Author: Aaron LI <aly at aaronly.me>
Date: Sun May 1 11:31:41 2022 +0800
pf: Fix 'set skip on' for interface groups
Previously if an interface type (without number), e.g. "set skip on vlan"
or "set skip on em" was used, it would have the *undocumented* behavior
of matching *any* interface of that type.
Now it will only match an interface which is a member of the named group.
And thus it works with interface groups of arbitrary names, e.g., one
can "set skip on home" with "home" being the group containing interfaces
"em1" and "tun0".
This results in some changed behavior:
If you currently use "set skip" with a physical interface type (e.g.
"set skip on ix") you will need to add the interface to a group of that
name: 'ifconfig ix0 group ix' or add 'group ix' to hostname.ix0.
Interfaces cloned at runtime (e.g. lo, tap, tun, vlan) default to being
in a group named after the interface type, so for these interfaces there
will be no change in the behavior unless you have deliberately changed
groups.
Obtained-from: FreeBSD (revision 337643)
Obtained-from: OpenBSD (pf_if.c,v 1.62, 1.63)
Summary of changes:
sys/net/pf/pf_if.c | 19 ++++++++++++++-----
1 file changed, 14 insertions(+), 5 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1f4644306e2abec3b56e1ef6ef21613ff4c991ad
--
DragonFly BSD source repository
More information about the Commits
mailing list