summaryrefslogtreecommitdiffstats
path: root/sys/contrib
diff options
context:
space:
mode:
Diffstat (limited to 'sys/contrib')
-rw-r--r--sys/contrib/pf/net/pf.c7
-rw-r--r--sys/contrib/pf/net/pfvar.h1
2 files changed, 8 insertions, 0 deletions
diff --git a/sys/contrib/pf/net/pf.c b/sys/contrib/pf/net/pf.c
index ccdf55f..ae9a82f 100644
--- a/sys/contrib/pf/net/pf.c
+++ b/sys/contrib/pf/net/pf.c
@@ -742,6 +742,9 @@ pf_src_connlimit(struct pf_state **state)
int bad = 0;
(*state)->src_node->conn++;
+#ifdef __FreeBSD__
+ (*state)->local_flags |= PFSTATE_SRC_CONN;
+#endif
pf_add_threshold(&(*state)->src_node->conn_rate);
if ((*state)->rule.ptr->max_src_conn &&
@@ -1074,8 +1077,12 @@ pf_src_tree_remove_state(struct pf_state *s)
if (s->src_node != NULL) {
if (s->proto == IPPROTO_TCP) {
+#ifdef __FreeBSD__
+ if (s->local_flags & PFSTATE_SRC_CONN)
+#else
if (s->src.state == PF_TCPS_PROXY_DST ||
s->timeout >= PFTM_TCP_ESTABLISHED)
+#endif
--s->src_node->conn;
}
if (--s->src_node->states <= 0) {
diff --git a/sys/contrib/pf/net/pfvar.h b/sys/contrib/pf/net/pfvar.h
index 1282d4f..f741130 100644
--- a/sys/contrib/pf/net/pfvar.h
+++ b/sys/contrib/pf/net/pfvar.h
@@ -793,6 +793,7 @@ struct pf_state {
#ifdef __FreeBSD__
u_int8_t local_flags;
#define PFSTATE_EXPIRING 0x01
+#define PFSTATE_SRC_CONN 0x02
#else
u_int8_t pad;
#endif
OpenPOWER on IntegriCloud