svn commit: r335816 - head/sys/netpfil/pf
Kristof Provost
kp at FreeBSD.org
Sat Jun 30 12:51:09 UTC 2018
Author: kp
Date: Sat Jun 30 12:51:08 2018
New Revision: 335816
URL: https://svnweb.freebsd.org/changeset/base/335816
Log:
pfsync: Fix state sync during initial bulk update
States learned via pfsync from a peer with the same ruleset checksum were not
getting assigned to rules like they should because pfsync_in_upd() wasn't
passing the PFSYNC_SI_CKSUM flag along to pfsync_state_import.
PR: 229092
Submitted by: Kajetan Staszkiewicz <vegeta tuxpowered.net>
Obtained from: OpenBSD
MFC after: 1 week
Sponsored by: InnoGames GmbH
Modified:
head/sys/netpfil/pf/if_pfsync.c
Modified: head/sys/netpfil/pf/if_pfsync.c
==============================================================================
--- head/sys/netpfil/pf/if_pfsync.c Sat Jun 30 12:17:50 2018 (r335815)
+++ head/sys/netpfil/pf/if_pfsync.c Sat Jun 30 12:51:08 2018 (r335816)
@@ -869,7 +869,7 @@ pfsync_in_upd(struct pfsync_pkt *pkt, struct mbuf *m,
st = pf_find_state_byid(sp->id, sp->creatorid);
if (st == NULL) {
/* insert the update */
- if (pfsync_state_import(sp, 0))
+ if (pfsync_state_import(sp, pkt->flags))
V_pfsyncstats.pfsyncs_badstate++;
continue;
}
More information about the svn-src-all
mailing list