pf: Prevent tables referenced by rules in anchors from getting disabled.

PR: 183198 Obtained from: OpenBSD MFC after: 2 weeks
svn path=/head/; revision=340265
2018-11-08 21:54:40 +00:00 · 2018-11-08 21:54:40 +00:00 · 87e4ca37d5 · 2020-12-20 02:59:44 +00:00
commit 87e4ca37d5
parent 0f9e47a9c4
1 changed files with 1 additions and 0 deletions
--- a/sys/netpfil/pf/pf_table.c
+++ b/sys/netpfil/pf/pf_table.c
@ -1754,6 +1754,7 @@ pfr_setflags_ktable(struct pfr_ktable *kt, int newf)
 	PF_RULES_WASSERT();

 	if (!(newf & PFR_TFLAG_REFERENCED) &&
+	    !(newf & PFR_TFLAG_REFDANCHOR) &&
 	    !(newf & PFR_TFLAG_PERSIST))
 		newf &= ~PFR_TFLAG_ACTIVE;
 	if (!(newf & PFR_TFLAG_ACTIVE))