diff options
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/netpfil/pf/pf.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 06b67bb..b8ebdc5 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -6508,7 +6508,7 @@ done: continueprocessing: /* - * connections redirected to loopback should not match sockets + * Connections redirected to loopback should match sockets * bound specifically to loopback due to security implications, * see tcp_input() and in_pcblookup_listen(). */ @@ -6517,7 +6517,7 @@ continueprocessing: (s->nat_rule.ptr->action == PF_RDR || s->nat_rule.ptr->action == PF_BINAT) && (ntohl(pd.dst->v4.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) - m->m_flags |= M_SKIP_FIREWALL; + m->m_flags |= M_FASTFWD_OURS; if (action == PF_PASS && r->divert.port && ip_divert_ptr != NULL && !PACKET_LOOPED(&pd)) { |
