freebsd-dev

History

Kristof Provost 32ece669c2 pf: Fix synproxy Synproxy was accidentally broken by r335569. The 'return (action)' must be executed for every non-PF_PASS result, but the error packet (TCP RST or ICMP error) should only be sent if the packet was dropped (i.e. PF_DROP) and the return flag is set. PR: 229477 Submitted by: Andre Albsmeier <mail AT fbsd.e4m.org> MFC after: 1 week	2018-07-14 10:14:59 +00:00
..
ipfw	Use correct size when we are allocating array for skipto index.	2018-07-12 11:38:18 +00:00
pf	pf: Fix synproxy	2018-07-14 10:14:59 +00:00

Kristof Provost 32ece669c2 pf: Fix synproxy

Synproxy was accidentally broken by r335569. The 'return (action)' must be
executed for every non-PF_PASS result, but the error packet (TCP RST or ICMP
error) should only be sent if the packet was dropped (i.e. PF_DROP) and the
return flag is set.

PR:		229477
Submitted by:	Andre Albsmeier <mail AT fbsd.e4m.org>
MFC after:	1 week

2018-07-14 10:14:59 +00:00

ipfw

Use correct size when we are allocating array for skipto index.

2018-07-12 11:38:18 +00:00

pf: Fix synproxy

2018-07-14 10:14:59 +00:00