pf: clear PF_TAG_ROUTE_TO for dummynet fast path
Similar to the PF_TAG_DUMMYNET we must also clear the route tag if
dummynet didn't keep the packet. In that case we'd continue immediately
and there'd be no need for the route tag. Keeping it could lead to
unexpected routing of traffic.
See also: 27407a6adc
See also: https://redmine.pfsense.org/issues/14055
Sponsored by: Rubicon Communications, LLC ("Netgate")
This commit is contained in:
parent
9ec48bc31e
commit
a81f5112a0
@ -7076,10 +7076,12 @@ pf_dummynet_route(struct pf_pdesc *pd, int dir, struct pf_kstate *s,
|
||||
if (pf_pdesc_to_dnflow(dir, pd, r, s, &dnflow)) {
|
||||
pd->pf_mtag->flags |= PF_TAG_DUMMYNET;
|
||||
ip_dn_io_ptr(m0, &dnflow);
|
||||
if (*m0 != NULL)
|
||||
if (*m0 != NULL) {
|
||||
pd->pf_mtag->flags &= ~PF_TAG_ROUTE_TO;
|
||||
pd->pf_mtag->flags &= ~PF_TAG_DUMMYNET;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user