Hi,
I often use "route-to" for DSR or balancing routes. It seems there is
no way to know which route is selected for the pf state.
The diff following makes "pfctl -ss" show the route address with
square brackets if any.
example:
all tcp 10.0.0.101:8080 [10.0.0.12] <- 10.1.0.100:45482
ESTABLISHED:ESTABLISHED
all tcp 10.0.0.165:35691 -> 192.168.0.156:22 [10.0.0.2]
ESTABLISHED:ESTABLISHED
ok? comment?
Index: sbin/pfctl/pf_print_state.c
===================================================================
RCS file: /var/cvs/openbsd/src/sbin/pfctl/pf_print_state.c,v
retrieving revision 1.68
diff -u -p -r1.68 pf_print_state.c
--- sbin/pfctl/pf_print_state.c 7 Sep 2018 10:29:22 -0000 1.68
+++ sbin/pfctl/pf_print_state.c 1 Feb 2019 08:53:35 -0000
@@ -241,6 +241,11 @@ print_state(struct pfsync_state *s, int
sk->rdomain, pn, opts);
printf(")");
}
+ if (s->direction == PF_IN && !PF_AZERO(&s->rt_addr, sk->af)) {
+ printf(" [");
+ print_addr_str(sk->af, &s->rt_addr);
+ printf("]");
+ }
if (s->direction == PF_OUT || (afto && s->direction == PF_IN))
printf(" -> ");
else
@@ -254,6 +259,11 @@ print_state(struct pfsync_state *s, int
print_host(&sk->addr[idx], sk->port[idx], sk->af,
sk->rdomain, pn, opts);
printf(")");
+ }
+ if (s->direction == PF_OUT && !PF_AZERO(&s->rt_addr, nk->af)) {
+ printf(" [");
+ print_addr_str(nk->af, &s->rt_addr);
+ printf("]");
}
printf(" ");
