From 9ca3286264006d196eeb4a284ca837ca84207a3d Mon Sep 17 00:00:00 2001 From: Lexi Winter Date: Sun, 3 Nov 2024 16:05:05 +0000 Subject: [PATCH] pf: fix build on kernels without "options INET" - IN_LOOPBACK() cannot be used without INET, because it references a VNET symbol vnet_entry_in_loopback_mask. - ip_fillid() is not available without INET. since this codepath is only entered in the AF_INET case, guard it with #ifnet INET. Fixes: 27f54be50bbad ("pf: merge pf_test() and pf_test6()") Fixes: 4f9e688708f1b ("pf: merge pf_scrub_ip() and pf_scrub_ip6()") Reviewed by: kp --- sys/netpfil/pf/pf.c | 2 ++ sys/netpfil/pf/pf_norm.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 17614e1a9995..90ec2b1ed033 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -576,8 +576,10 @@ static bool pf_is_loopback(sa_family_t af, struct pf_addr *addr) { switch (af) { +#ifdef INET case AF_INET: return IN_LOOPBACK(ntohl(addr->v4.s_addr)); +#endif case AF_INET6: return IN6_IS_ADDR_LOOPBACK(&addr->v6); default: diff --git a/sys/netpfil/pf/pf_norm.c b/sys/netpfil/pf/pf_norm.c index 860580812e3b..8779d599900e 100644 --- a/sys/netpfil/pf/pf_norm.c +++ b/sys/netpfil/pf/pf_norm.c @@ -2224,6 +2224,7 @@ pf_scrub(struct pf_pdesc *pd) } /* random-id, but not for fragments */ +#ifdef INET if (pd->af == AF_INET && pd->act.flags & PFSTATE_RANDOMID && !(h->ip_off & ~htons(IP_DF))) { uint16_t ip_id = h->ip_id; @@ -2231,5 +2232,6 @@ pf_scrub(struct pf_pdesc *pd) ip_fillid(h); h->ip_sum = pf_cksum_fixup(h->ip_sum, ip_id, h->ip_id, 0); } +#endif } #endif