summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frantzen <frantzen@cvs.openbsd.org>2005-05-26 02:21:30 +0000
committerMike Frantzen <frantzen@cvs.openbsd.org>2005-05-26 02:21:30 +0000
commitc7f0bea4a11079f52c08e58532f33b741e080c40 (patch)
tree06acc704565abec1798348a5617590f7b56dc084
parent70db070782e664fb12edd4a7118efa91f4228c2b (diff)
switch the max_src_{states,conn,conn_rate} from superblock breaks to superblock
optimization barriers to prevent table merging or rule re-ordering ok dhartmei@
-rw-r--r--sbin/pfctl/pfctl_optimize.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/sbin/pfctl/pfctl_optimize.c b/sbin/pfctl/pfctl_optimize.c
index 07d82ee733e..11fcfbfbd98 100644
--- a/sbin/pfctl/pfctl_optimize.c
+++ b/sbin/pfctl/pfctl_optimize.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl_optimize.c,v 1.7 2005/05/25 23:58:11 frantzen Exp $ */
+/* $OpenBSD: pfctl_optimize.c,v 1.8 2005/05/26 02:21:29 frantzen Exp $ */
/*
* Copyright (c) 2004 Mike Frantzen <frantzen@openbsd.org>
@@ -109,6 +109,9 @@ struct pf_rule_field {
PF_RULE_FIELD(prob, BARRIER),
PF_RULE_FIELD(max_states, BARRIER),
PF_RULE_FIELD(max_src_nodes, BARRIER),
+ PF_RULE_FIELD(max_src_states, BARRIER),
+ PF_RULE_FIELD(max_src_conn, BARRIER),
+ PF_RULE_FIELD(max_src_conn_rate, BARRIER),
/*
* These fields must be the same between all rules in the same superblock.
@@ -130,8 +133,6 @@ struct pf_rule_field {
PF_RULE_FIELD(return_ttl, BREAK),
PF_RULE_FIELD(overload_tblname, BREAK),
PF_RULE_FIELD(flush, BREAK),
- PF_RULE_FIELD(max_src_conn, BREAK),
- PF_RULE_FIELD(max_src_conn_rate, BREAK),
PF_RULE_FIELD(rpool, BREAK),
/*