| created | 2023-09-10T08:17:32Z |
|---|---|
| begin | 2023-09-07T00:00:00Z |
| end | 2023-09-08T00:00:00Z |
| path | src/sys |
| commits | 6 |
| date | 2023-09-07T01:41:09Z | |||
|---|---|---|---|---|
| author | jsg | |||
| files | src/sys/dev/pci/pcidevs | log | diff | annotate |
| message |
add Mellanox ConnectX-6 Lx from Olivier Croquin |
|||
| date | 2023-09-07T01:41:42Z | |||
|---|---|---|---|---|
| author | jsg | |||
| files | src/sys/dev/pci/pcidevs.h | log | diff | annotate |
| src/sys/dev/pci/pcidevs_data.h | log | diff | annotate | |
| message | regen | |||
| date | 2023-09-07T01:43:46Z | |||
|---|---|---|---|---|
| author | jsg | |||
| files | src/sys/dev/pci/if_mcx.c | log | diff | annotate |
| message |
match on Mellanox ConnectX-6 Lx from and tested by Olivier Croquin ok dlg@ |
|||
| date | 2023-09-07T02:11:26Z | |||
|---|---|---|---|---|
| author | daniel | |||
| files | src/sys/dev/pci/pcidevs | log | diff | annotate |
| message |
add Realtek 8852AE ok kevlo@ |
|||
| date | 2023-09-07T02:12:07Z | |||
|---|---|---|---|---|
| author | daniel | |||
| files | src/sys/dev/pci/pcidevs.h | log | diff | annotate |
| src/sys/dev/pci/pcidevs_data.h | log | diff | annotate | |
| message | regen | |||
| date | 2023-09-07T09:59:43Z | |||
|---|---|---|---|---|
| author | sashan | |||
| files | src/sys/net/pf.c | log | diff | annotate |
| message |
pf(4) ignores 'keep state' and 'nat-to' actions for unsolicited icmp error responses. Fix tightens rule matching logic so icmp error responses no longer match 'keep state' rule. In typical scenarios icmp errors (if solicited) should match existing state. The change is going to bite firewalls which deal with asymmetric routes. In those cases the 'keep state' action should be relaxed to sloppy or new 'no state' rule to explicitly match icmp errors should be added. The issue has been reported by Peter J. Philip (pjp _at_ delphinusdns.org). Discussed with bluhm@ and florian@ OK bluhm@ |
|||