On 29 Apr 2021, at 17:14, Shawn Webb wrote:
On Tue, Jan 05, 2021 at 10:37:54PM +0000, Kristof Provost wrote:
The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=e86bddea9fe62d5093a1942cf21950b3c5ca62e5

commit e86bddea9fe62d5093a1942cf21950b3c5ca62e5
Author:     Kristof Provost <k...@freebsd.org>
AuthorDate: 2020-12-05 13:32:54 +0000
Commit:     Kristof Provost <k...@freebsd.org>
CommitDate: 2021-01-05 22:35:36 +0000

    pf: Split pf_rule into kernel and user space versions

    No functional change intended.

    MFC after:      2 weeks
    Sponsored by:   Orange Business Services
    Differential Revision:  https://reviews.freebsd.org/D27758

Hey Kristof,

This commit breaks the security/expiretable port. Specifically, the
guarding of the pf_state struct, which expiretable uses directly.

Yeah, it’s come up before: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253547

Tl;dr: The expiretable port used a struct it should not have been using. That part of the code never[*] worked, but it’s not actually used anyway. Renato has a patch to fix the port by simply deleting the offending code.

Best regards,
Kristof

[*] Not in recent memory anyway. At least since 2012. That’s when the pf code was moved around in the tree and I’ve not dug further to see when this started to be wrong.
_______________________________________________
dev-commits-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"