]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ef067b5) | patch
pf: allow states to be killed by their pre-NAT address
authorKristof Provost <kp@FreeBSD.org>
Fri, 20 Oct 2023 05:37:46 +0000 (07:37 +0200)
committerKristof Provost <kp@FreeBSD.org>
Mon, 23 Oct 2023 14:37:05 +0000 (16:37 +0200)
commit4f33755051c60c6f65ba9f6aaa33d11e72909618
tree75dfdb742c09618e41ca47d3409b3e5378b40ce3tree | snapshot
parentef067b579954c3c443b2a70566e24d94a7583d19commit | diff
pf: allow states to be killed by their pre-NAT address

If a connection is NAT-ed we could previously only terminate it by its
ID or the post-NAT IP address. Allow users to specify they want look for
the state by its pre-NAT address. Usage: `pfctl -k nat -k <address>`.

See also: https://redmine.pfsense.org/issues/11556
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D42312
lib/libpfctl/libpfctl.c diff | blob | history
lib/libpfctl/libpfctl.h diff | blob | history
sbin/pfctl/pfctl.8 diff | blob | history
sbin/pfctl/pfctl.c diff | blob | history
sys/net/pfvar.h diff | blob | history
sys/netpfil/pf/pf_ioctl.c diff | blob | history
sys/netpfil/pf/pf_nv.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.