git: 116eabaa0b5d - main - pf: when calculating the ruleset's checksum, skip automatic table names.
Date: Sat, 12 Jul 2025 13:38:59 UTC
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=116eabaa0b5df490be19715fc032affbcda3f016
commit 116eabaa0b5df490be19715fc032affbcda3f016
Author: Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2025-07-07 09:40:49 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2025-07-12 09:57:52 +0000
pf: when calculating the ruleset's checksum, skip automatic table names.
The checksum is exclusively used for pfsync to verify rulesets are identical
on all nodes. The automatic table names are random and have a near zero
chance to match. Found at a customer in Zurich.
ok sashan kn
Obtained from: OpenBSD, henning <henning@openbsd.org>, 7f1a6fd2a8
Sponsored by: Rubicon Communications, LLC ("Netgate")
---
sys/netpfil/pf/pf_ioctl.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
index c96741023db9..c14211edf10f 100644
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -1274,7 +1274,9 @@ pf_hash_rule_addr(MD5_CTX *ctx, struct pf_rule_addr *pfr)
PF_MD5_UPD(pfr, addr.iflags);
break;
case PF_ADDR_TABLE:
- PF_MD5_UPD(pfr, addr.v.tblname);
+ if (strncmp(pfr->addr.v.tblname, PF_OPTIMIZER_TABLE_PFX,
+ strlen(PF_OPTIMIZER_TABLE_PFX)))
+ PF_MD5_UPD(pfr, addr.v.tblname);
break;
case PF_ADDR_ADDRMASK:
/* XXX ignore af? */
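Review bot: with this change a PF_ADDR_TABLE address whose name carries PF_OPTIMIZER_TABLE_PFX contributes nothing at all to the digest, so two rulesets that differ only in which addresses pfctl collapsed into automatic tables, or in whether a rule uses such a table at all, now hash identically; if that is acceptable for the pfsync identity check it deserves a comment at the `if`, otherwise feed a fixed marker (the prefix string itself, or the address type if it is not already folded in elsewhere) into the MD5 context in the else path so the shape of the rule is still covered. Minor: compare the strncmp() result explicitly, `if (strncmp(pfr->addr.v.tblname, PF_OPTIMIZER_TABLE_PFX, strlen(PF_OPTIMIZER_TABLE_PFX)) != 0)`, so the "does not start with the prefix" intent reads without recalling strncmp's return convention.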