From: Alexander Bluhm <alexander.bluhm@gmx.net>
Subject: Re: 'pfctl -K' patch from Olivier Croquin
To: Alexandr Nedvedicky <sashan@fastmail.net>
Cc: tech@openbsd.org, Olivier Croquin <ocroquin@gmail.com>
Date: Thu, 1 Feb 2024 23:36:26 +0100

On Thu, Feb 01, 2024 at 01:07:59AM +0100, Alexandr Nedvedicky wrote:
> Hello,
> 
> the same patch below has been sent by Olivier Croquin to bugs [1]
> a few days ago. The change makes sense. Anyone interested to
> give it OK?
> 
> the change fixes a copy'n'paste typo.

I think this line has the same typo. psk_src -> psk_dst

   598                          copy_satopfaddr(&psk.psk_src.addr.v.a.addr,
   599                              resp[1]->ai_addr);

Look at cvs diff -r1.368 -r1.369 pfctl.c

bluhm

> If I understand things right one might need to run the command below:
> 
>     pfctl -K 192.168.1.10 -K 185.91.168.27
> 
> to destroy 'sticky' mappings for 192.168.1.10 created by a nat-to/rdr-to
> rule. This is the only place where we call pf_insert_src_node() with
> both addresses (src, dst) set (snippet comes from pf_lb.c):
> 
>         if (rpool->opts & PF_POOL_STICKYADDR) {
>                 if (sns[type] != NULL) {
>                         pf_remove_src_node(sns[type]);
>                         sns[type] = NULL;
>                 }
>                 if (pf_insert_src_node(&sns[type], r, type, af, saddr, naddr,
>                     rpool->kif))
>                         return (1);
>         }
> 
> thanks and
> regards
> sashan
> 
> [1] https://marc.info/?l=openbsd-bugs&m=170654976310890&w=2
> --------8<---------------8<---------------8<------------------8<--------
> diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
> index ece39d2105c..e81dd7c06d1 100644
> --- a/sbin/pfctl/pfctl.c
> +++ b/sbin/pfctl/pfctl.c
> @@ -514,7 +514,7 @@ pfctl_kill_src_nodes(int dev, int opts)
> 
>  				dests++;
> 
> -				copy_satopfaddr(&psnk.psnk_src.addr.v.a.addr,
> +				copy_satopfaddr(&psnk.psnk_dst.addr.v.a.addr,
>  				    resp[1]->ai_addr);
> 
>  				if (ioctl(dev, DIOCKILLSRCNODES, &psnk) == -1)
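
Review bot: the same src/dst slip appears to remain outside this hunk: the reply above quotes `copy_satopfaddr(&psk.psk_src.addr.v.a.addr, resp[1]->ai_addr);` at line 598 of pfctl.c, which also stores the resp[1] address in a `_src` field, and this diff does not touch it. Suggest folding the `psk_src` -> `psk_dst` change into the same commit, or sending it as a follow-up, after checking it against `cvs diff -r1.368 -r1.369 pfctl.c` as proposed in the reply. The commit message could also state the user-visible effect: with the old line the second -K address was written into psnk_src rather than psnk_dst before the DIOCKILLSRCNODES ioctl, so a two-address invocation like `pfctl -K 192.168.1.10 -K 185.91.168.27` did not submit the intended source/destination pair.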