From fa9181508d9f4170f8a35bdfbe349210c30dbceb Mon Sep 17 00:00:00 2001
From: Renato Botelho <renato@netgate.com>
Date: Mon, 17 Aug 2015 13:53:12 -0300
Subject: Importing pfSense patch pf_route_to_daemon_friendly.RELENG_10.diff

---
 sys/netpfil/pf/pf.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 6bfc728..76cfebc 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -5690,6 +5690,12 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
 	if (oifp != ifp) {
 		if (in_broadcast(ip->ip_dst, oifp)) /* XXX: LOCKING of address list?! */
 			return;
+
+		if (s && r->rt == PF_ROUTETO && pd->nat_rule != NULL &&
+			r->direction == PF_OUT && r->direction == dir && pd->pf_mtag->routed < 2) {
+			pf_packet_undo_nat(m0, pd, ntohs(ip->ip_off), s, dir);
+		}
+
 		if (pf_test(PF_OUT, ifp, &m0, NULL) != PF_PASS)
 			goto bad;
 		else if (m0 == NULL)
@@ -5919,6 +5925,13 @@ pf_route6(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
 	       return;
 
 	if (oifp != ifp) {
+
+		if (s && r->rt == PF_ROUTETO && pd->nat_rule != NULL &&
+			r->direction == PF_OUT && r->direction == dir && pd->pf_mtag->routed < 2) {
+			int ip_off =  ((caddr_t)ip6 - m0->m_data) + sizeof(struct ip6_hdr);
+			pf_packet_undo_nat(m0, pd, ip_off, s, dir);
+		}
+
 		if (pf_test6(PF_FWD, ifp, &m0, NULL) != PF_PASS)
 			goto bad;
 		else if (m0 == NULL)
-- 
cgit v1.1