Merge revision 1.715 from OpenBSD:

date: 2010/12/24 20:12:56; author: henning; state: Exp; lines: +3 -3 in pf_src_connlimit, the indices to sk->addr were swapped. tracked down and diff sent by Robert B Mills <rbmills at sdf.lonestar.org> thanks, very good work! ok claudio Impact is that the "flush" keyword didn't work. Obtained from: OpenBSD MFC after: 1 week
svn path=/head/; revision=236671
2012-06-06 09:36:52 +00:00 · 2012-06-06 09:36:52 +00:00 · 40874f18de · 2020-12-20 02:59:44 +00:00
commit 40874f18de
parent 4fb52be9c2
1 changed files with 2 additions and 2 deletions
--- a/sys/contrib/pf/net/pf.c
+++ b/sys/contrib/pf/net/pf.c
@ -643,10 +643,10 @@ pf_src_connlimit(struct pf_state **state)
 				    (*state)->key[PF_SK_WIRE]->af &&
 				    (((*state)->direction == PF_OUT &&
 				    PF_AEQ(&(*state)->src_node->addr,
-					&sk->addr[0], sk->af)) ||
+					&sk->addr[1], sk->af)) ||
 				    ((*state)->direction == PF_IN &&
 				    PF_AEQ(&(*state)->src_node->addr,
-					&sk->addr[1], sk->af))) &&
+					&sk->addr[0], sk->af))) &&
 				    ((*state)->rule.ptr->flush &
 				    PF_FLUSH_GLOBAL ||
 				    (*state)->rule.ptr == st->rule.ptr)) {