diff options
| author | David Gwynne <dlg@cvs.openbsd.org> | 2011-11-25 12:52:11 +0000 |
|---|---|---|
| committer | David Gwynne <dlg@cvs.openbsd.org> | 2011-11-25 12:52:11 +0000 |
| commit | 2c2ac65534ab77b6acd99df373626b6b4a2a125c (patch) | |
| tree | c27e27281c86b724ab57024b8fc7dc4444c72bdc /sys/net/if_pfsync.c | |
| parent | 816430ab77740cb24cdc5ad3f2f39b80d654ed9c (diff) | |
use time_uptime to set state creation values as time_second can be
skewed at runtime by things like date(1) and ntpd. time_uptime is
monotonic and therefore more useful to compare against.
ok deraadt@ mikeb@
Diffstat (limited to 'sys/net/if_pfsync.c')
| -rw-r--r-- | sys/net/if_pfsync.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sys/net/if_pfsync.c b/sys/net/if_pfsync.c index 660a60f68c9..fad21969a58 100644 --- a/sys/net/if_pfsync.c +++ b/sys/net/if_pfsync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pfsync.c,v 1.174 2011/11/16 11:59:28 mikeb Exp $ */ +/* $OpenBSD: if_pfsync.c,v 1.175 2011/11/25 12:52:10 dlg Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff @@ -441,7 +441,7 @@ pfsync_state_export(struct pfsync_state *sp, struct pf_state *st) /* copy from state */ strlcpy(sp->ifname, st->kif->pfik_name, sizeof(sp->ifname)); bcopy(&st->rt_addr, &sp->rt_addr, sizeof(sp->rt_addr)); - sp->creation = htonl(time_second - st->creation); + sp->creation = htonl(time_uptime - st->creation); sp->expire = pf_state_expires(st); if (sp->expire <= time_second) sp->expire = htonl(0); @@ -589,7 +589,7 @@ pfsync_state_import(struct pfsync_state *sp, int flags) /* copy to state */ bcopy(&sp->rt_addr, &st->rt_addr, sizeof(st->rt_addr)); - st->creation = time_second - ntohl(sp->creation); + st->creation = time_uptime - ntohl(sp->creation); st->expire = time_second; if (sp->expire) { u_int32_t timeout; |