Do not decrement RST life time if keep_alive is not turned on.

This allows use differen values configured by user for sysctl variable net.inet.ip.fw.dyn_rst_lifetime. Obtained from: Yandex LLC MFC after: 3 weeks Sponsored by: Yandex LLC
2018-10-21 16:44:57 +00:00 · 2018-10-21 16:44:57 +00:00 · 5e43f73087
commit 5e43f73087
parent 96594387aa
1 changed files with 2 additions and 1 deletions
--- a/sys/netpfil/ipfw/ip_fw_dynamic.c
+++ b/sys/netpfil/ipfw/ip_fw_dynamic.c
@ -979,7 +979,8 @@ dyn_update_tcp_state(struct dyn_data *data, const struct ipfw_flow_id *pkt,
 		break;

 	default:
-		if (V_dyn_rst_lifetime >= V_dyn_keepalive_period)
+		if (V_dyn_keepalive != 0 &&
+		    V_dyn_rst_lifetime >= V_dyn_keepalive_period)
 			V_dyn_rst_lifetime = V_dyn_keepalive_period - 1;
 		expire = time_uptime + V_dyn_rst_lifetime;
 	}