(no subject)

[Matthieu Michaud]

dear pf hackers,

i have a simple question about pf's behavior. there is something i  
don't understand in this piece of code :

http://fxr.watson.org/fxr/source/contrib/pf/net/pf.c#L2971

2971                 inp = in_pcblookup_hash(pi, saddr->v4,  
sport,daddr->v4,
2972                         dport, 0, NULL);
2973                 if (inp == NULL) {
2974                         inp = in_pcblookup_hash(pi, saddr->v4,  
sport,
2975                            daddr->v4, dport,  
INPLOOKUP_WILDCARD,NULL);
2976                         if(inp == NULL) {
2977                                 INP_INFO_RUNLOCK(pi);
2978                                 return (-1);
2979                         }
2980                 }

there is 2 pcb lookups which only differs by its sixth arguments. as  
far as i understand, this is because pf would prefer a result on a  
non wildcard socket than a wildcard one. but, if i'm still correct, a  
single in_pcblookup_hash call already does that :

http://fxr.watson.org/fxr/source/netinet/in_pcb.c#L1010

1010         /*
1011          * First look for an exact match.
1012          */
1013         head = &pcbinfo->ipi_hashbase[INP_PCBHASH(faddr.s_addr,  
lport,fport,
1014             pcbinfo->ipi_hashmask)];
1015         LIST_FOREACH(inp, head, inp_hash) {
1016 #ifdef INET6
1017                 if ((inp->inp_vflag & INP_IPV4) == 0)
1018                         continue;
1019 #endif
1020                 if (inp->inp_faddr.s_addr == faddr.s_addr &&
1021                     inp->inp_laddr.s_addr == laddr.s_addr &&
1022                     inp->inp_fport == fport &&
1023                     inp->inp_lport == lport)
1024                         return (inp);
1025         }
1026
1027         /*
1028          * Then look for a wildcard match, if requested.
1029          */
1030         if (wildcard) {

so why having two calls ?

sorry for the noise if i'm wrong and misunderstanding this piece of  
code. in any case, thanks in advance for your answer.