diff options
| author | Kajetan Staszkiewicz <ks@FreeBSD.org> | 2025-08-01 19:01:37 +0000 |
|---|---|---|
| committer | Kajetan Staszkiewicz <ks@FreeBSD.org> | 2025-08-29 07:58:40 +0000 |
| commit | 65c318630123fcf2b6f491bf4d02a5cad3031d20 (patch) | |
| tree | a0e18232324f1b84604cff7c997f8b99beb5d34d /sys/fs/mntfs/mntfs_vnops.c | |
| parent | 778bfd4e1033715de6cf21e2e2454bdea2a0f1ab (diff) | |
Now that pf is aware of address family of each pool address and source
tracking uses distinct address family for source and redirection
adddresses it is possible to add a new pool option prefer-ipv6-nexthop
which enables routing of IPv4 packets over IPv6 next hops for rules
with the route-to option.
Add a pool option flag PF_POOL_IPV6NH, apply it to pools with a keyword
prefer-ipv6-nexthop.
Modify pf_map_addr() to handle pools with addresses of different
families. Use *naf as a hint about what address family the forwarded
packet is, then pick from the pool addresses of family that can be used
as a next hop for the forwarded packet, controlled by the PF_POOL_IPV6NH
flag. For NAT pools this flag is never set and thus pf_map_addr()
will return an IP address of the same family as the forwarded packet.
For route-to pools when the flag is enabled IPv6 addresses can be
returned or IPv4 packets.
In pf_route() check rt_af, it is not guaranteed to be AF_INET anymore
because pf_map_addr() could have changed it (as *naf).
Add tests for behaviour of pf_map_addr() both with PF_POOL_IPV6NH and
without, for single IP addresses, prefixes and subnets.
Reviewed by: kp
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D50781
Diffstat (limited to 'sys/fs/mntfs/mntfs_vnops.c')
0 files changed, 0 insertions, 0 deletions