From dca9c930dacb67e5f09dbbccf27020b7d6373268 Mon Sep 17 00:00:00 2001
From: Poul-Henning Kamp <phk@FreeBSD.org>
Date: Mon, 27 Jun 2005 22:21:42 +0000
Subject: [PATCH] Libalias incorrectly applies proxy rules to the global divert
 socket: it should only look for existing translation entries, not create new
 ones (no matter how it got the idea).

Approved by:	re(scottl)
---
 sys/netinet/libalias/alias.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/sys/netinet/libalias/alias.c b/sys/netinet/libalias/alias.c
index 0a6a8dfad6d0..aa2bed937dab 100644
--- a/sys/netinet/libalias/alias.c
+++ b/sys/netinet/libalias/alias.c
@@ -936,7 +936,11 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
 
 	tc = (struct tcphdr *)ip_next(pip);
 
-	proxy_type = ProxyCheck(la, pip, &proxy_server_address, &proxy_server_port);
+	if (create)
+		proxy_type =
+		    ProxyCheck(la, pip, &proxy_server_address, &proxy_server_port);
+	else
+		proxy_type = 0;
 
 	if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY))
 		return (PKT_ALIAS_OK);