summaryrefslogtreecommitdiffstats
path: root/sys/contrib/pf/net/pf.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/contrib/pf/net/pf.c')
-rw-r--r--sys/contrib/pf/net/pf.c44
1 files changed, 39 insertions, 5 deletions
diff --git a/sys/contrib/pf/net/pf.c b/sys/contrib/pf/net/pf.c
index ca6a86a..d842a78 100644
--- a/sys/contrib/pf/net/pf.c
+++ b/sys/contrib/pf/net/pf.c
@@ -1,5 +1,5 @@
/* $FreeBSD$ */
-/* $OpenBSD: pf.c,v 1.390 2003/09/24 17:18:03 mcbride Exp $ */
+/* $OpenBSD: pf.c,v 1.389.2.2 2004/03/14 00:13:42 brad Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -2686,8 +2686,10 @@ pf_test_tcp(struct pf_rule **rm, struct pf_state **sm, int direction,
}
if (th->th_flags & TH_FIN)
s->src.seqhi++;
+ s->dst.seqlo = 0; /* Haven't seen these yet */
s->dst.seqhi = 1;
s->dst.max_win = 1;
+ s->dst.seqdiff = 0; /* Defer random generation */
s->src.state = TCPS_SYN_SENT;
s->dst.state = TCPS_CLOSED;
#ifdef __FreeBSD__
@@ -2965,7 +2967,15 @@ pf_test_udp(struct pf_rule **rm, struct pf_state **sm, int direction,
s->gwy.port = s->lan.port;
}
}
+ s->src.seqlo = 0;
+ s->src.seqhi = 0;
+ s->src.seqdiff = 0;
+ s->src.max_win = 0;
s->src.state = PFUDPS_SINGLE;
+ s->dst.seqlo = 0;
+ s->dst.seqhi = 0;
+ s->dst.seqdiff = 0;
+ s->dst.max_win = 0;
s->dst.state = PFUDPS_NO_TRAFFIC;
#ifdef __FreeBSD__
s->creation = time_second;
@@ -3221,6 +3231,16 @@ pf_test_icmp(struct pf_rule **rm, struct pf_state **sm, int direction,
s->gwy.port = icmpid;
}
+ s->src.seqlo = 0;
+ s->src.seqhi = 0;
+ s->src.seqdiff = 0;
+ s->src.max_win = 0;
+ s->src.state = 0;
+ s->dst.seqlo = 0;
+ s->dst.seqhi = 0;
+ s->dst.seqdiff = 0;
+ s->dst.max_win = 0;
+ s->dst.state = 0;
#ifdef __FreeBSD__
s->creation = time_second;
s->expire = time_second;
@@ -3438,20 +3458,34 @@ pf_test_other(struct pf_rule **rm, struct pf_state **sm, int direction,
s->af = af;
if (direction == PF_OUT) {
PF_ACPY(&s->gwy.addr, saddr, af);
+ s->gwy.port = 0;
PF_ACPY(&s->ext.addr, daddr, af);
+ s->ext.port = 0;
if (nat != NULL)
PF_ACPY(&s->lan.addr, &baddr, af);
else
PF_ACPY(&s->lan.addr, &s->gwy.addr, af);
+ s->lan.port = 0;
} else {
PF_ACPY(&s->lan.addr, daddr, af);
+ s->lan.port = 0;
PF_ACPY(&s->ext.addr, saddr, af);
+ s->ext.port = 0;
if (rdr != NULL)
PF_ACPY(&s->gwy.addr, &baddr, af);
else
PF_ACPY(&s->gwy.addr, &s->lan.addr, af);
+ s->gwy.port = 0;
}
+ s->src.seqlo = 0;
+ s->src.seqhi = 0;
+ s->src.seqdiff = 0;
+ s->src.max_win = 0;
s->src.state = PFOTHERS_SINGLE;
+ s->dst.seqlo = 0;
+ s->dst.seqhi = 0;
+ s->dst.seqdiff = 0;
+ s->dst.max_win = 0;
s->dst.state = PFOTHERS_NO_TRAFFIC;
#ifdef __FreeBSD__
s->creation = time_second;
@@ -5134,12 +5168,12 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
#else
error = ip_fragment(m0, ifp, ifp->if_mtu);
#endif
-#ifdef __FreeBSD__
- if (error)
-#else
- if (error == EMSGSIZE)
+ if (error) {
+#ifndef __FreeBSD__ /* ip_fragment does not do m_freem() on FreeBSD */
+ m0 = NULL;
#endif
goto bad;
+ }
for (m0 = m1; m0; m0 = m1) {
m1 = m0->m_nextpkt;
OpenPOWER on IntegriCloud