d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge revision 1.715 from OpenBSD:

Browse Source 
date: 2010/12/24 20:12:56;  author: henning;  state: Exp;  lines: +3 -3
  in pf_src_connlimit, the indices to sk->addr were swapped.
  tracked down and diff sent by Robert B Mills <rbmills at sdf.lonestar.org>
  thanks, very good work! ok claudio

Impact is that the "flush" keyword didn't work.

Obtained from:	OpenBSD
MFC after:	1 week
This commit is contained in:
Gleb Smirnoff 2012-06-06 09:36:52 +00:00
parent 4fb52be9c2
commit 40874f18de
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/contrib/pf/net/pf.c
View File

@ -643,10 +643,10 @@ pf_src_connlimit(struct pf_state **state)
(*state)->key[PF_SK_WIRE]->af &&
(((*state)->direction == PF_OUT &&
PF_AEQ(&(*state)->src_node->addr,
&sk->addr[0], sk->af)) ||
&sk->addr[1], sk->af)) ||
((*state)->direction == PF_IN &&
PF_AEQ(&(*state)->src_node->addr,
&sk->addr[1], sk->af))) &&
&sk->addr[0], sk->af))) &&
((*state)->rule.ptr->flush &
PF_FLUSH_GLOBAL ||
(*state)->rule.ptr == st->rule.ptr)) {