system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-09-06 17:18:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
freebsd-src/tests/sys/netpfil/pf
History
Igor Ostapenko 239e24eb0c pf: Handle (*m0)->m_len < sizeof(struct ip) case 
if_enc(4) can pass IPsec payload to pfil(9) with the outer header or without
it. In case of a small packet like ICMP, when mbuf cluster is not used,
everything works fine. Otherwise, the first mbuf in a chain has m_len == 0
if it is asked to strip the outer header. pf was not handling such case, and
erroneous reading of the outer IP header led to unexpected behavior.

Reviewed by:	kp, glebius
Differential Revision:	https://reviews.freebsd.org/D45780
2024-07-02 14:43:46 +02:00
..
ioctl
altq.sh vnet tests: check for if_bridge.ko 2024-06-04 22:16:56 +02:00
anchor.sh pf tests: test longer anchor names 2024-05-28 22:29:38 +02:00
CVE-2019-5597.py
CVE-2019-5598.py
daytime_inetd.conf
debug.sh pf tests: basic debug level test 2024-06-04 14:59:59 +02:00
divapp.c pf: fix pf divert-to loop 2023-10-19 12:12:15 +02:00
divert-to.sh pf tests: fix name and description of divert-to cases 2023-11-20 12:30:18 +01:00
dup.sh
echo_inetd.conf
ether.sh pf tests: make ether:dummynet test a little more robust 2024-06-04 14:59:59 +02:00
forward.sh
frag-overindex.py
frag-overlimit.py
frag-overreplace.py
frag6.py
fragcommon.py
fragmentation_compat.sh pf: Fix packet reassembly 2023-10-26 15:25:44 +02:00
fragmentation_no_reassembly.sh pf: Fix packet reassembly 2023-10-26 15:25:44 +02:00
fragmentation_pass.sh pf tests: dummynet + nat fragmentation test 2024-01-15 14:02:02 +01:00
get_state.sh
icmp.sh
if_enc.sh pf: Handle (*m0)->m_len < sizeof(struct ip) case 2024-07-02 14:43:46 +02:00
killstate.sh pf tests: add a test for killing states by NAT address 2023-10-23 16:37:05 +02:00
limits.sh pf: migrate DIOCGETLIMIT/DIOCSETLIMIT to netlink 2024-06-07 20:59:02 +02:00
loginterface.sh pf: convert DIOCSETSTATUSIF to netlink 2024-03-19 16:30:08 +01:00
macro.sh
Makefile pf: Handle (*m0)->m_len < sizeof(struct ip) case 2024-07-02 14:43:46 +02:00
Makefile.depend dirdeps: Update Makefile.depend* files with empty contents 2023-10-29 17:01:04 -04:00
map_e.sh
match.sh
modulate.sh
names.sh
nat.sh
nat66.py pf tests: fix REQUIRED_MODULES typo 2024-05-03 09:51:37 +02:00
pass_block.sh pf: implement start/stop calls via netlink 2023-10-13 09:53:22 +02:00
pflog.sh pf tests: ensure that pflog shows malformed packets as blocked, not passed 2024-01-04 23:08:08 +01:00
pflow.sh pflow: limit to no more than 128 flow exporters 2024-01-22 18:02:10 +01:00
pfsync.sh vnet tests: check for if_bridge.ko 2024-06-04 22:16:56 +02:00
pfsync_defer.py
pft_ether.py
pft_read_ipfix.py pf tests: test pflow NAT state information 2024-01-16 09:45:55 +01:00
prio.sh
proxy.sh
rdr.sh pf: Correct SPDX identifier 2024-02-23 15:58:38 +00:00
ridentifier.sh
route_to.sh pf: fix reply-to after rdr and dummynet 2024-03-28 17:06:01 +01:00
rtable.sh
rules_counter.sh pf tests: test keepcounters when we exceed 32 bits 2024-06-21 13:49:17 +02:00
scrub.sh
scrub_compat.sh
scrub_pass.sh
sctp.py pf: always create multihomed states as floating 2023-11-17 23:33:43 +01:00
sctp.sh pf tests: test setting and retrieving timeout values 2024-06-06 20:46:19 +02:00
set_skip.sh
set_tos.sh
src_track.sh
status.sh pf tests: basic status get/clear test 2024-06-04 14:59:58 +02:00
syncookie.sh
synproxy.sh
table.sh
tcp.sh vnet tests: check for if_bridge.ko 2024-06-04 22:16:56 +02:00
tos.sh
utils.subr pf tests: initial pflow test case 2024-01-16 09:45:54 +01:00