summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Hartmeier <dhartmei@cvs.openbsd.org>2002-08-08 14:31:52 +0000
committerDaniel Hartmeier <dhartmei@cvs.openbsd.org>2002-08-08 14:31:52 +0000
commit13eaf0d1ac79f9925e4d05ce6236743ecdbeba41 (patch)
tree14d080c0e9fa91c11fc0ca83ace9b3cab71370a2
parent11b60a9a4291ba3d72c9a0046addf6f9f5e9a883 (diff)
th_flags doesn't have to be equal to TH_SYN to generate modulator, it's
sufficient if TH_SYN is set and TH_ACK is unset, ignore TH_ECN etc. ok frantzen@
-rw-r--r--sys/net/pf.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c
index d9d79a34eab..922fd1f7a0b 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.240 2002/07/24 17:56:03 dhartmei Exp $ */
+/* $OpenBSD: pf.c,v 1.241 2002/08/08 14:31:51 dhartmei Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -1862,8 +1862,8 @@ pf_test_tcp(struct pf_rule **rm, int direction, struct ifnet *ifp,
s->src.seqlo = ntohl(th->th_seq);
s->src.seqhi = s->src.seqlo + len + 1;
- if (th->th_flags == TH_SYN && *rm != NULL
- && (*rm)->keep_state == PF_STATE_MODULATE) {
+ if (th->th_flags & TH_SYN && !(th->th_flags & TH_ACK) &&
+ *rm != NULL && (*rm)->keep_state == PF_STATE_MODULATE) {
/* Generate sequence number modulator */
while ((s->src.seqdiff = arc4random()) == 0)
;