Bug 194592 - pf not adding all IP addresses when hostname used in table
Summary: pf not adding all IP addresses when hostname used in table
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 10.0-RELEASE
Hardware: amd64 Any
: --- Affects Many People
Assignee: freebsd-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-10-25 10:20 UTC by Jason Mann
Modified: 2014-12-17 12:43 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jason Mann 2014-10-25 10:20:50 UTC
- Overview:

The pf.conf(5) man page states the following under the TABLES section:

"In addition to being specified by IP address, hosts may also be specified by their hostname.  When the resolver is called to add a hostname to a table, all resulting IPv4 and IPv6 addresses are placed into the table."

pf is not exhibiting this behaviour.  It is failing to add IPv6 addresses when a table is initialised from a file containing a hostname that resolves to both an IPv4 and IPv6 address:

This is either a bug in pf, or an inaccuracy in the pf man page.


- Steps to Reproduce:

1. Create a file to be used to initialise a pf table, containing a hostname that resolves to both an IPv4 and and IPv6 address.
2. Add table declaration to pf.conf referencing the file
3. Reload pf configuration
4. Use pfctl to check entries in the table


- Actual Results:

# dig +short any beastie.b0rken.org
31.193.132.199
2a02:af8:1000:e6::1fc1:84c7

# cat /etc/pf.table.test
beastie.b0rken.org

# grep "<test>" /etc/pf.conf
table <test> persist file "/etc/pf.table.test"

# pfctl -Ts -t test
   31.193.132.199


- Expected Results:

# pfctl -Ts -t test
   31.193.132.199
   2a02:af8:1000:e6::1fc1:84c7
Comment 1 Jason Mann 2014-11-17 09:40:03 UTC
This issue appears to be fixed in 10.1-RELEASE:

# pfctl -t test -T show
   31.193.132.199
   2a02:af8:1000:e6::1fc1:84c7
Comment 2 Harrison Grundy 2014-12-17 12:43:50 UTC
Fixed in 10 per reporter.