diff options
| author | Luiz Otavio O Souza <luiz@netgate.com> | 2017-01-09 19:50:25 -0600 |
|---|---|---|
| committer | Luiz Souza <luiz@netgate.com> | 2017-07-17 21:47:17 -0500 |
| commit | fa0114d27f9a69e3f13f58afa1a63850cd4dc169 (patch) | |
| tree | 4959af2e2eec2a4c3636f9e5cc25d99e00200aa8 | |
| parent | 5220451c59ae584fe77f5060d634d44475db71ed (diff) | |
| download | FreeBSD-src-fa0114d27f9a69e3f13f58afa1a63850cd4dc169.zip FreeBSD-src-fa0114d27f9a69e3f13f58afa1a63850cd4dc169.tar.gz | |
While we always store the interface in the every state, we do not do strict searches based on interface as this will cause issues with multi-wan setups.
Ticket #6986
(cherry picked from commit 114dc4a89011a560c32421ca842ca73f5b29d449)
| -rw-r--r-- | sys/netpfil/pf/pf.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index ce055ac..084072c0 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -1388,7 +1388,8 @@ pf_find_state(struct pfi_kif *kif, struct pf_state_key_cmp *key, u_int dir) /* List is sorted, if-bound states before floating ones. */ TAILQ_FOREACH(s, &sk->states[idx], key_list[idx]) - if (s->kif == V_pfi_all || s->kif == kif) { + /* if (s->kif == V_pfi_all || s->kif == kif) { */ + { PF_STATE_LOCK(s); PF_HASHROW_UNLOCK(kh); if (s->timeout >= PFTM_MAX) { |
