author | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2002-04-24 18:10:26 +0000 |
---|---|---|
committer | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2002-04-24 18:10:26 +0000 |
commit | 1a804d4f9927039663cbdd8465f7dd1d19d99545 (patch) | |
tree | 37435a89152b1d4c3879651990532ff6a1ad89a2 /regress | |
parent | 785a8619f7687670e72618ee146902fc4cf704e5 (diff) |
Add dynamic (in-kernel) interface name -> address translation. Instead of
using just the interface name in place of an address and reloading the rule
set whenever the interface changes its address, the interface name can be
put in parentheses, and the kernel will keep track of changes and update
rules. There is no additional cost for evaluating rules (per packet),
the cost occurs when an interface changes address (and the rules are
traversed and updated where necessary).
Diffstat (limited to 'regress')
-rw-r--r-- | regress/sbin/pfctl/binat1.ok | 18 | ||||
-rw-r--r-- | regress/sbin/pfctl/pf1.ok | 4 | ||||
-rw-r--r-- | regress/sbin/pfctl/pf12.ok | 6 | ||||
-rw-r--r-- | regress/sbin/pfctl/pf13.ok | 12 | ||||
-rw-r--r-- | regress/sbin/pfctl/pf2.ok | 6 | ||||
-rw-r--r-- | regress/sbin/pfctl/pf4.ok | 32 | ||||
-rw-r--r-- | regress/sbin/pfctl/pf5.ok | 16 | ||||
-rw-r--r-- | regress/sbin/pfctl/pf7.ok | 6 | ||||
-rw-r--r-- | regress/sbin/pfctl/pf8.ok | 2 |
9 files changed, 51 insertions, 51 deletions
diff --git a/regress/sbin/pfctl/binat1.ok b/regress/sbin/pfctl/binat1.ok
index b7f5dc330e7..6ef8dfeef33 100644
--- a/regress/sbin/pfctl/binat1.ok
+++ b/regress/sbin/pfctl/binat1.ok
@@ -1,9 +1,9 @@
-no binat on lo0 from 192.168.1.1 to 10.1.2.3/32
-binat on lo0 from 192.168.1.1 to any -> 10.0.0.1
-binat on lo0 proto tcp from 192.168.1.2 to any -> 10.0.0.2
-binat on lo0 proto udp from 192.168.1.3 to any -> 10.0.0.3
-binat on lo0 proto icmp from 192.168.1.4 to any -> 10.0.0.4
-binat on lo0 from 192.168.1.5 to 172.16.1.1/32 -> 10.0.0.5
-binat on lo0 from 192.168.1.6 to 172.16.1.2/32 -> 10.0.0.6
-binat on lo0 from 192.168.1.7 to 172.16.2.0/24 -> 10.0.0.7
-binat on lo0 from 192.168.1.8 to ! 172.17.0.0/16 -> 10.0.0.8
+no binat on lo0 inet from 192.168.1.1 to 10.1.2.3
+binat on lo0 inet from 192.168.1.1 to any -> 10.0.0.1
+binat on lo0 inet proto tcp from 192.168.1.2 to any -> 10.0.0.2
+binat on lo0 inet proto udp from 192.168.1.3 to any -> 10.0.0.3
+binat on lo0 inet proto icmp from 192.168.1.4 to any -> 10.0.0.4
+binat on lo0 inet from 192.168.1.5 to 172.16.1.1 -> 10.0.0.5
+binat on lo0 inet from 192.168.1.6 to 172.16.1.2 -> 10.0.0.6
+binat on lo0 inet from 192.168.1.7 to 172.16.2.0/24 -> 10.0.0.7
+binat on lo0 inet from 192.168.1.8 to ! 172.17.0.0/16 -> 10.0.0.8
diff --git a/regress/sbin/pfctl/pf1.ok b/regress/sbin/pfctl/pf1.ok
index c9bf8d16971..17ee5b6895f 100644
--- a/regress/sbin/pfctl/pf1.ok
+++ b/regress/sbin/pfctl/pf1.ok
@@ -2,5 +2,5 @@
 @1 pass in all
 @2 pass in proto tcp from any port <= 1024 to any label foo_bar
 @3 pass in proto tcp from any to any port = smtp
-@4 pass in inet proto tcp from 10.0.0.0/8 port > 1024 to ! 10.1.2.3/32 port != ssh
-@5 pass in inet proto igmp from 10.0.0.0/8 to 10.1.1.1/32 allow-opts
+@4 pass in inet proto tcp from 10.0.0.0/8 port > 1024 to ! 10.1.2.3 port != ssh
+@5 pass in inet proto igmp from 10.0.0.0/8 to 10.1.1.1 allow-opts
diff --git a/regress/sbin/pfctl/pf12.ok b/regress/sbin/pfctl/pf12.ok
index 18d92f75316..b322e017333 100644
--- a/regress/sbin/pfctl/pf12.ok
+++ b/regress/sbin/pfctl/pf12.ok
@@ -1,5 +1,5 @@
-@0 pass in inet from 127.0.0.1/32 to 127.0.0.1/8
+@0 pass in inet from 127.0.0.1 to 127.0.0.1/8
 @1 pass in inet from 127.0.0.1/16 to 127.0.0.1/24
 @2 pass in inet from 127.0.0.1/25 to ! 127.0.0.1/26
-@3 pass in inet from ! 127.0.0.1/32 to 127.0.0.1/16
-@4 pass in inet from ! 127.0.0.1/32 to ! 127.0.0.1/8
+@3 pass in inet from ! 127.0.0.1 to 127.0.0.1/16
+@4 pass in inet from ! 127.0.0.1 to ! 127.0.0.1/8
diff --git a/regress/sbin/pfctl/pf13.ok b/regress/sbin/pfctl/pf13.ok
index 00dffe49017..f6c63c34823 100644
--- a/regress/sbin/pfctl/pf13.ok
+++ b/regress/sbin/pfctl/pf13.ok
@@ -2,11 +2,11 @@
 @1 pass in quick on enc0 fastroute inet all
 @2 pass in quick on enc0 fastroute inet6 all
 @3 pass out quick on tun0 route-to tun1 all
-@4 pass out quick on tun0 route-to tun1 inet from any to 192.168.1.1/32
-@5 pass out quick on tun0 route-to tun1 inet6 from any to fec0::1/128
+@4 pass out quick on tun0 route-to tun1 inet from any to 192.168.1.1
+@5 pass out quick on tun0 route-to tun1 inet6 from any to fec0::1
 @6 block in on tun0 dup-to tun1:192.168.1.1 inet proto tcp from any to any port = ftp
 @7 block in on tun0 dup-to tun1:fec0::1 inet6 proto tcp from any to any port = ftp
-@8 pass in quick on tun0 route-to tun1 inet from 192.168.1.1/32 to 10.1.1.1/32
-@9 pass in quick on tun0 route-to tun1 inet6 from fec0::1/64 to fec1::2/128
-@10 pass in quick on tun0 dup-to tun1:192.168.1.100 inet from 192.168.1.1/32 to 10.1.1.1/32
-@11 pass in quick on tun0 dup-to tun1:fec1::2 inet6 from fec0::1/64 to fec1::2/128
+@8 pass in quick on tun0 route-to tun1 inet from 192.168.1.1 to 10.1.1.1
+@9 pass in quick on tun0 route-to tun1 inet6 from fec0::1/64 to fec1::2
+@10 pass in quick on tun0 dup-to tun1:192.168.1.100 inet from 192.168.1.1 to 10.1.1.1
+@11 pass in quick on tun0 dup-to tun1:fec1::2 inet6 from fec0::1/64 to fec1::2
diff --git a/regress/sbin/pfctl/pf2.ok b/regress/sbin/pfctl/pf2.ok
index 9842fbb21a3..503ef536096 100644
--- a/regress/sbin/pfctl/pf2.ok
+++ b/regress/sbin/pfctl/pf2.ok
@@ -4,12 +4,12 @@
 @3 block return-rst in log on tun0 proto tcp all
 @4 block return-icmp out log on tun0 proto udp all
 @5 block return-icmp in log on tun0 proto udp all
-@6 block out log quick on tun0 inet from ! 157.161.48.183/32 to any
-@7 block in quick on tun0 inet from any to 255.255.255.255/32
+@6 block out log quick on tun0 inet from ! 157.161.48.183 to any
+@7 block in quick on tun0 inet from any to 255.255.255.255
 @8 block in log quick on tun0 inet from 10.0.0.0/8 to any
 @9 block in log quick on tun0 inet from 172.16.0.0/12 to any
 @10 block in log quick on tun0 inet from 192.168.0.0/16 to any
-@11 block in log quick on tun0 inet from 255.255.255.255/32 to any
+@11 block in log quick on tun0 inet from 255.255.255.255 to any
 @12 block in log quick from no-route to any
 @13 pass out on tun0 inet proto icmp all icmp-type echoreq code 0 keep state
 @14 pass in on tun0 inet proto icmp all icmp-type echoreq code 0 keep state
diff --git a/regress/sbin/pfctl/pf4.ok b/regress/sbin/pfctl/pf4.ok
index d3c017c357d..8418c4e170f 100644
--- a/regress/sbin/pfctl/pf4.ok
+++ b/regress/sbin/pfctl/pf4.ok
@@ -12,35 +12,35 @@
 @11 block in proto tcp from any port != 1234 to any
 @12 block in proto tcp from any port 21 >< 2048 to any
 @13 block in proto tcp from any port = ssh to any
-@14 block in inet proto udp from 172.16.0.0/12 port = 21 to 12.34.56.78/32 port = 6668 keep state
-@15 block in inet proto udp from 172.16.0.0/12 port = 21 to 12.34.56.78/32 port = 6667 keep state
+@14 block in inet proto udp from 172.16.0.0/12 port = 21 to 12.34.56.78 port = 6668 keep state
+@15 block in inet proto udp from 172.16.0.0/12 port = 21 to 12.34.56.78 port = 6667 keep state
 @16 block in inet proto udp from 172.16.0.0/12 port = 21 to 192.168.0.0/16 port = 6668 keep state
 @17 block in inet proto udp from 172.16.0.0/12 port = 21 to 192.168.0.0/16 port = 6667 keep state
-@18 block in inet proto udp from 172.16.0.0/12 port = ssh to 12.34.56.78/32 port = 6668 keep state
-@19 block in inet proto udp from 172.16.0.0/12 port = ssh to 12.34.56.78/32 port = 6667 keep state
+@18 block in inet proto udp from 172.16.0.0/12 port = ssh to 12.34.56.78 port = 6668 keep state
+@19 block in inet proto udp from 172.16.0.0/12 port = ssh to 12.34.56.78 port = 6667 keep state
 @20 block in inet proto udp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port = 6668 keep state
 @21 block in inet proto udp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port = 6667 keep state
-@22 block in inet proto udp from 10.0.0.0/8 port = 21 to 12.34.56.78/32 port = 6668 keep state
-@23 block in inet proto udp from 10.0.0.0/8 port = 21 to 12.34.56.78/32 port = 6667 keep state
+@22 block in inet proto udp from 10.0.0.0/8 port = 21 to 12.34.56.78 port = 6668 keep state
+@23 block in inet proto udp from 10.0.0.0/8 port = 21 to 12.34.56.78 port = 6667 keep state
 @24 block in inet proto udp from 10.0.0.0/8 port = 21 to 192.168.0.0/16 port = 6668 keep state
 @25 block in inet proto udp from 10.0.0.0/8 port = 21 to 192.168.0.0/16 port = 6667 keep state
-@26 block in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78/32 port = 6668 keep state
-@27 block in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78/32 port = 6667 keep state
+@26 block in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 6668 keep state
+@27 block in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 6667 keep state
 @28 block in inet proto udp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port = 6668 keep state
 @29 block in inet proto udp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port = 6667 keep state
-@30 block in inet proto tcp from 172.16.0.0/12 port = ftp to 12.34.56.78/32 port = 6668 keep state
-@31 block in inet proto tcp from 172.16.0.0/12 port = ftp to 12.34.56.78/32 port = 6667 keep state
+@30 block in inet proto tcp from 172.16.0.0/12 port = ftp to 12.34.56.78 port = 6668 keep state
+@31 block in inet proto tcp from 172.16.0.0/12 port = ftp to 12.34.56.78 port = 6667 keep state
 @32 block in inet proto tcp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port = 6668 keep state
 @33 block in inet proto tcp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port = 6667 keep state
-@34 block in inet proto tcp from 172.16.0.0/12 port = ssh to 12.34.56.78/32 port = 6668 keep state
-@35 block in inet proto tcp from 172.16.0.0/12 port = ssh to 12.34.56.78/32 port = 6667 keep state
+@34 block in inet proto tcp from 172.16.0.0/12 port = ssh to 12.34.56.78 port = 6668 keep state
+@35 block in inet proto tcp from 172.16.0.0/12 port = ssh to 12.34.56.78 port = 6667 keep state
 @36 block in inet proto tcp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port = 6668 keep state
 @37 block in inet proto tcp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port = 6667 keep state
-@38 block in inet proto tcp from 10.0.0.0/8 port = ftp to 12.34.56.78/32 port = 6668 keep state
-@39 block in inet proto tcp from 10.0.0.0/8 port = ftp to 12.34.56.78/32 port = 6667 keep state
+@38 block in inet proto tcp from 10.0.0.0/8 port = ftp to 12.34.56.78 port = 6668 keep state
+@39 block in inet proto tcp from 10.0.0.0/8 port = ftp to 12.34.56.78 port = 6667 keep state
 @40 block in inet proto tcp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port = 6668 keep state
 @41 block in inet proto tcp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port = 6667 keep state
-@42 block in inet proto tcp from 10.0.0.0/8 port = ssh to 12.34.56.78/32 port = 6668 keep state
-@43 block in inet proto tcp from 10.0.0.0/8 port = ssh to 12.34.56.78/32 port = 6667 keep state
+@42 block in inet proto tcp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 6668 keep state
+@43 block in inet proto tcp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 6667 keep state
 @44 block in inet proto tcp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port = 6668 keep state
 @45 block in inet proto tcp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port = 6667 keep state
diff --git a/regress/sbin/pfctl/pf5.ok b/regress/sbin/pfctl/pf5.ok
index 801c08d900c..c2fd7d68543 100644
--- a/regress/sbin/pfctl/pf5.ok
+++ b/regress/sbin/pfctl/pf5.ok
@@ -1,11 +1,11 @@
 foo = ssh, ftp
 bar = other thing
 inside = 10.0.0.0/8
-@0 block in inet proto udp from 10.0.0.0/8 port = 113 to 12.34.56.78/32 port = 16 keep state
-@1 block in inet proto udp from 10.0.0.0/8 port = 113 to 12.34.56.78/32 port = 6667 keep state
-@2 block in inet proto udp from 10.0.0.0/8 port = 21 to 12.34.56.78/32 port = 16 keep state
-@3 block in inet proto udp from 10.0.0.0/8 port = 21 to 12.34.56.78/32 port = 6667 keep state
-@4 block in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78/32 port = 16 keep state
-@5 block in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78/32 port = 6667 keep state
-@6 block in inet proto udp from 10.0.0.0/8 port = echo to 12.34.56.78/32 port = 16 keep state
-@7 block in inet proto udp from 10.0.0.0/8 port = echo to 12.34.56.78/32 port = 6667 keep state
+@0 block in inet proto udp from 10.0.0.0/8 port = 113 to 12.34.56.78 port = 16 keep state
+@1 block in inet proto udp from 10.0.0.0/8 port = 113 to 12.34.56.78 port = 6667 keep state
+@2 block in inet proto udp from 10.0.0.0/8 port = 21 to 12.34.56.78 port = 16 keep state
+@3 block in inet proto udp from 10.0.0.0/8 port = 21 to 12.34.56.78 port = 6667 keep state
+@4 block in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 16 keep state
+@5 block in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 6667 keep state
+@6 block in inet proto udp from 10.0.0.0/8 port = echo to 12.34.56.78 port = 16 keep state
+@7 block in inet proto udp from 10.0.0.0/8 port = echo to 12.34.56.78 port = 6667 keep state
diff --git a/regress/sbin/pfctl/pf7.ok b/regress/sbin/pfctl/pf7.ok
index 16202ac16d8..03119742943 100644
--- a/regress/sbin/pfctl/pf7.ok
+++ b/regress/sbin/pfctl/pf7.ok
@@ -4,12 +4,12 @@
 @3 block return-rst in log on tun0 proto tcp all
 @4 block return-icmp out log on tun0 proto udp all
 @5 block return-icmp in log on tun0 proto udp all
-@6 block out log quick on tun0 inet from ! 157.161.48.183/32 to any
-@7 block in quick on tun0 inet from any to 255.255.255.255/32
+@6 block out log quick on tun0 inet from ! 157.161.48.183 to any
+@7 block in quick on tun0 inet from any to 255.255.255.255
 @8 block in log quick on tun0 inet from 10.0.0.0/8 to any
 @9 block in log quick on tun0 inet from 172.16.0.0/12 to any
 @10 block in log quick on tun0 inet from 192.168.0.0/16 to any
-@11 block in log quick on tun0 inet from 255.255.255.255/32 to any
+@11 block in log quick on tun0 inet from 255.255.255.255 to any
 @12 pass out on tun0 inet proto icmp all icmp-type echoreq code 0 keep state
 @13 pass in on tun0 inet proto icmp all icmp-type echoreq code 0 keep state
 @14 pass out on tun0 proto udp all keep state
diff --git a/regress/sbin/pfctl/pf8.ok b/regress/sbin/pfctl/pf8.ok
index 584758ac97c..fcb4edfa2b5 100644
--- a/regress/sbin/pfctl/pf8.ok
+++ b/regress/sbin/pfctl/pf8.ok
@@ -1,3 +1,3 @@
 extern = { ! 10.0.0.0/8, 10.1.2.3 }
-@0 block out log on tun1 inet from 10.1.2.3/32 to any
+@0 block out log on tun1 inet from 10.1.2.3 to any
 @1 block out log on tun1 inet from ! 10.0.0.0/8 to any
|
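Review bot: None of the nine expected-output files touched under regress gains a rule that uses the new parenthesised interface form; every hunk, from binat1.ok through this pf8.ok hunk, only changes how static host addresses are printed (the `/32` and `/128` suffixes are dropped, and binat rules now print `inet`). The dynamic path is the one where a rule's effective address changes after the ruleset is loaded, so it is the part of this commit most in need of a parse-and-print regression case. I would add an input/expected pair (placeholder name `pfNN.in` / `pfNN.ok`) with at least one filter rule and one translation rule written with `(lo0)` in place of an address, so the printed form of a dynamic address is pinned and can be told apart from a plain host address. It would also help to keep one case confirming that the bare-address output shown here, such as `from ! 127.0.0.1` in pf12.ok, reloads as the same host-only match, since these rules are access-control decisions.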