diff options
| author | Henning Brauer <henning@cvs.openbsd.org> | 2009-04-17 18:37:07 +0000 |
|---|---|---|
| committer | Henning Brauer <henning@cvs.openbsd.org> | 2009-04-17 18:37:07 +0000 |
| commit | ff020d9b3239bc3cb92247f2a8b19c1891bb0a3c (patch) | |
| tree | e5534e69cdaae63d1190a638c1d22e3443375238 | |
| parent | 27020739510cbeaa433db25f3eae3e47b1bdacdc (diff) | |
move the lastr = r assignment behind the anchor rule check so we don't
ever try to aplly options from the anchor rule if it was the last matching
one but the last matching real rule. it is right but despite begging nobody
has the balls to ok it ;(
| -rw-r--r-- | sys/net/pf.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index d3f7ff3a59b..9639b6a6829 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.644 2009/04/15 13:10:38 henning Exp $ */ +/* $OpenBSD: pf.c,v 1.645 2009/04/17 18:37:06 henning Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -2917,10 +2917,10 @@ pf_test_rule(struct pf_rule **rm, struct pf_state **sm, int direction, r->os_fingerprint))) r = TAILQ_NEXT(r, entries); else { - lastr = r; if (r->tag) tag = r->tag; if (r->anchor == NULL) { + lastr = r; if (r->action == PF_MATCH) { ri = pool_get(&pf_rule_item_pl, PR_NOWAIT); |