Importing pfSense patch pf_static_tracker.diff

This version fixes the issue with 'State Creations' in pfctl -vvsr.

1 files changed, 14 insertions, 1 deletions

diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index 1ee564f..b5577e2 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -234,6 +234,7 @@ struct filter_opts {
 	u_int32_t		 tos;
 	u_int32_t		 dscp;
 	u_int32_t		 prob;
+	u_int32_t		 tracker;
 	struct {
 		int			 action;
 		struct node_state_opt	*options;
@@ -263,6 +264,7 @@ struct filter_opts {
 
 struct antispoof_opts {
 	char			*label;
+	u_int32_t		 tracker;
 	u_int			 rtableid;
 } antispoof_opts;
 
@@ -461,7 +463,7 @@ int	parseport(char *, struct range *r, int);
 %token	RETURNRST RETURNICMP RETURNICMP6 PROTO INET INET6 ALL ANY ICMPTYPE
 %token	ICMP6TYPE CODE KEEP MODULATE STATE PORT RDR NAT BINAT ARROW NODF
 %token	MINTTL ERROR ALLOWOPTS FASTROUTE FILENAME ROUTETO DUPTO REPLYTO NO LABEL SCHEDULE
-%token	NOROUTE URPFFAILED FRAGMENT USER GROUP MAXMSS MAXIMUM TTL TOS DSCP DROP TABLE
+%token	NOROUTE URPFFAILED FRAGMENT USER GROUP MAXMSS MAXIMUM TTL TOS DSCP DROP TABLE TRACKER
 %token	REASSEMBLE FRAGDROP FRAGCROP ANCHOR NATANCHOR RDRANCHOR BINATANCHOR
 %token	SET OPTIMIZATION TIMEOUT LIMIT LOGINTERFACE BLOCKPOLICY RANDOMID
 %token	REQUIREORDER SYNPROXY FINGERPRINTS NOSYNC DEBUG SKIP HOSTID
@@ -1244,6 +1246,7 @@ antispoof	: ANTISPOOF logquick antispoof_ifspc af antispoof_opts {
 				if (rule_label(&r, $5.label))
 					YYERROR;
 				r.rtableid = $5.rtableid;
+				r.cuid = $5.tracker;
 				j = calloc(1, sizeof(struct node_if));
 				if (j == NULL)
 					err(1, "antispoof: calloc");
@@ -1293,6 +1296,7 @@ antispoof	: ANTISPOOF logquick antispoof_ifspc af antispoof_opts {
 					r.logif = $2.logif;
 					r.quick = $2.quick;
 					r.af = $4;
+					r.cuid = $5.tracker;
 					if (rule_label(&r, $5.label))
 						YYERROR;
 					r.rtableid = $5.rtableid;
@@ -1354,6 +1358,9 @@ antispoof_opt	: label	{
 			}
 			antispoof_opts.label = $1;
 		}
+		| TRACKER number {
+			antispoof_opts.tracker = $2;
+		}
 		| RTABLE NUMBER				{
 			if ($2 < 0 || $2 > rt_tableid_max()) {
 				yyerror("invalid rtable id");
@@ -2063,6 +2070,8 @@ pfrule		: action dir logquick interface route af proto fromto
 			if  (rule_schedule(&r, $9.schedule))
 				YYERROR;
 			free($9.schedule);
+			if ($9.tracker)
+				r.cuid = $9.tracker;
 			r.flags = $9.flags.b1;
 			r.flagset = $9.flags.b2;
 			if (($9.flags.b1 & $9.flags.b2) != $9.flags.b1) {
@@ -2513,6 +2522,9 @@ filter_opt	: USER uids {
 			filter_opts.keep.action = $1.action;
 			filter_opts.keep.options = $1.options;
 		}
+		| TRACKER number {
+			filter_opts.tracker = $2;
+		}
 		| FRAGMENT {
 			filter_opts.fragment = 1;
 		}
@@ -5749,6 +5761,7 @@ lookup(char *s)
 		{ "timeout",		TIMEOUT},
 		{ "to",			TO},
 		{ "tos",		TOS},
+		{ "tracker",		TRACKER},
 		{ "ttl",		TTL},
 		{ "upperlimit",		UPPERLIMIT},
 		{ "urpf-failed",	URPFFAILED},