diff options
| author | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2005-01-20 18:07:34 +0000 |
|---|---|---|
| committer | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2005-01-20 18:07:34 +0000 |
| commit | 78329070015493806091632170e6d15e5bcccfa5 (patch) | |
| tree | 9bf85a7e5c850cdacc7fda57ccc672899d5fb645 | |
| parent | b8cf2c3e29e0f438124125b7475045b332867e55 (diff) | |
Use the packet's address family instead of the rule's when selecting a
replacement address for an rdr rule. Some rdr rules have no address family
(when the replacement is a table and no other criterion implies one AF).
In this case, pf would fail to select a replacement address and drop the
packet due to translation failure. Found by Gustavo A. Baratto.
ok mcbride@, henning@, markus@
| -rw-r--r-- | sys/net/pf.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index 750ffefdfa0..d56115fc425 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.477 2005/01/07 18:58:39 mcbride Exp $ */ +/* $OpenBSD: pf.c,v 1.478 2005/01/20 18:07:33 dhartmei Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -2409,7 +2409,7 @@ pf_get_translation(struct pf_pdesc *pd, struct mbuf *m, int off, int direction, } break; case PF_RDR: { - if (pf_map_addr(r->af, r, saddr, naddr, NULL, sn)) + if (pf_map_addr(pd->af, r, saddr, naddr, NULL, sn)) return (NULL); if (r->rpool.proxy_port[1]) { |