From: dlg Date: Thu, 4 Feb 2021 21:27:18 +0000 (+0000) Subject: route-to rules take ips now, not interfaces with optional ips. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=2d68e7e75a5e3106d7d2f861d7dd3b4873139758;p=openbsd route-to rules take ips now, not interfaces with optional ips. reminded by bluhm@ --- diff --git a/regress/sbin/pfctl/pf46.in b/regress/sbin/pfctl/pf46.in index bb5b66678a7..905785959d7 100644 --- a/regress/sbin/pfctl/pf46.in +++ b/regress/sbin/pfctl/pf46.in @@ -1,7 +1,7 @@ -pass in on lo0 from any to any route-to { (pflog0 127.0.0.1), (pflog0 127.0.0.2) } -pass out on lo0 from any to any route-to { (pflog0 127.0.0.1), (pflog0 127.0.0.2) } round-robin -pass in on lo0 from any to any route-to (pflog0 127.0.0.1/24) bitmask -pass out on lo0 from any to any dup-to (pflog0 127.0.0.1/24) random -pass in on lo0 inet from any to any reply-to (pflog0 127.0.0.0/28) source-hash 0x0123456789ABCDEF0123456789abcdef -pass out on lo0 from any to any route-to (pflog0 127.0.0.1/24) source-hash foobarlicious -pass in on lo0 from any to any dup-to (pflog0 127.0.0.1/24) round-robin +pass in on lo0 from any to any route-to { 169.254.0.1, 169.254.0.2 } +pass out on lo0 from any to any route-to { 169.254.0.1, 169.254.0.2 } round-robin +pass in on lo0 from any to any route-to 169.254.0.1/24 bitmask +pass out on lo0 from any to any dup-to 169.254.0.1/24 random +pass in on lo0 inet from any to any reply-to 169.254.0.0/28 source-hash 0x0123456789ABCDEF0123456789abcdef +pass out on lo0 from any to any route-to 169.254.0.1/24 source-hash foobarlicious +pass in on lo0 from any to any dup-to 169.254.0.1/24 round-robin diff --git a/regress/sbin/pfctl/pf46.ok b/regress/sbin/pfctl/pf46.ok index 5daee273a36..8378f74dd24 100644 --- a/regress/sbin/pfctl/pf46.ok +++ b/regress/sbin/pfctl/pf46.ok @@ -1,9 +1,9 @@ -table <__automatic_0> const { 127.0.0.1@pflog0 127.0.0.2@pflog0 } -table <__automatic_1> const { 127.0.0.1@pflog0 127.0.0.2@pflog0 } +table <__automatic_0> const { 169.254.0.1 169.254.0.2 } +table <__automatic_1> const { 169.254.0.1 169.254.0.2 } pass in on lo0 inet all flags S/SA route-to <__automatic_0> round-robin pass out on lo0 inet all flags S/SA route-to <__automatic_1> round-robin -pass in on lo0 inet all flags S/SA route-to 127.0.0.0/24@pflog0 bitmask -pass out on lo0 inet all flags S/SA dup-to 127.0.0.0/24@pflog0 random -pass in on lo0 inet all flags S/SA reply-to 127.0.0.0/28@pflog0 -pass out on lo0 inet all flags S/SA route-to 127.0.0.0/24@pflog0 source-hash 0x4da8e393fd22f577426cfdf7fe52d3b0 -pass in on lo0 inet all flags S/SA dup-to 127.0.0.0/24@pflog0 round-robin +pass in on lo0 inet all flags S/SA route-to 169.254.0.0/24 bitmask +pass out on lo0 inet all flags S/SA dup-to 169.254.0.0/24 random +pass in on lo0 inet all flags S/SA reply-to 169.254.0.0/28 source-hash 0x0123456789abcdef0123456789abcdef +pass out on lo0 inet all flags S/SA route-to 169.254.0.0/24 source-hash 0x4da8e393fd22f577426cfdf7fe52d3b0 +pass in on lo0 inet all flags S/SA dup-to 169.254.0.0/24 round-robin diff --git a/regress/sbin/pfctl/pf46.optimized b/regress/sbin/pfctl/pf46.optimized index 6b29b855c3d..a081108973f 100644 --- a/regress/sbin/pfctl/pf46.optimized +++ b/regress/sbin/pfctl/pf46.optimized @@ -6,23 +6,23 @@ [ Skip steps: i=end r=end f=end p=end sa=end da=end sp=end dp=end ] [ queue: qname= qid=0 pqname= pqid=0 ] [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] -@2 pass in on lo0 inet all flags S/SA route-to 127.0.0.0/24@pflog0 bitmask +@2 pass in on lo0 inet all flags S/SA route-to 169.254.0.0/24 bitmask [ Skip steps: i=end r=end f=end p=end sa=end da=end sp=end dp=end ] [ queue: qname= qid=0 pqname= pqid=0 ] [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] -@3 pass out on lo0 inet all flags S/SA dup-to 127.0.0.0/24@pflog0 random +@3 pass out on lo0 inet all flags S/SA dup-to 169.254.0.0/24 random [ Skip steps: i=end r=end f=end p=end sa=end da=end sp=end dp=end ] [ queue: qname= qid=0 pqname= pqid=0 ] [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] -@4 pass in on lo0 inet all flags S/SA reply-to 127.0.0.0/28@pflog0 +@4 pass in on lo0 inet all flags S/SA reply-to 169.254.0.0/28 source-hash 0x0123456789abcdef0123456789abcdef [ Skip steps: i=end r=end f=end p=end sa=end da=end sp=end dp=end ] [ queue: qname= qid=0 pqname= pqid=0 ] [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] -@5 pass out on lo0 inet all flags S/SA route-to 127.0.0.0/24@pflog0 source-hash 0x4da8e393fd22f577426cfdf7fe52d3b0 +@5 pass out on lo0 inet all flags S/SA route-to 169.254.0.0/24 source-hash 0x4da8e393fd22f577426cfdf7fe52d3b0 [ Skip steps: i=end r=end f=end p=end sa=end da=end sp=end dp=end ] [ queue: qname= qid=0 pqname= pqid=0 ] [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] -@6 pass in on lo0 inet all flags S/SA dup-to 127.0.0.0/24@pflog0 round-robin +@6 pass in on lo0 inet all flags S/SA dup-to 169.254.0.0/24 round-robin [ Skip steps: i=end d=end r=end f=end p=end sa=end da=end sp=end dp=end ] [ queue: qname= qid=0 pqname= pqid=0 ] [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]