use pd->rdomain for the PF_MISMATCHAW checks in pf_test_fragment instead of

hardcoding 0.
roughly almost a bit equivalent to what pf_test_rule does. changing the
rdomain for not reassembled fragments is not going to work ever, so the
full dance pf_test_rule does doesn't make sense here.
speaking of sense, I don't see anything remotely resembling sense in
pf filtering on fragments without reassembling them first.
with/ok claudio

1 files changed, 3 insertions, 3 deletions

diff --git a/sys/net/pf.c b/sys/net/pf.c
index 33c9b22eca0..bd113781e8c 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf.c,v 1.711 2010/09/24 02:15:00 henning Exp $ */
+/*	$OpenBSD: pf.c,v 1.712 2010/09/24 02:22:37 henning Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -3439,10 +3439,10 @@ pf_test_fragment(struct pf_rule **rm, int direction, struct pfi_kif *kif,
 		else if (r->proto && r->proto != pd->proto)
 			r = r->skip[PF_SKIP_PROTO].ptr;
 		else if (PF_MISMATCHAW(&r->src.addr, pd->src, af,
-		    r->src.neg, kif, /* XXX rdomain */ 0))
+		    r->src.neg, kif, pd->rdomain))
 			r = r->skip[PF_SKIP_SRC_ADDR].ptr;
 		else if (PF_MISMATCHAW(&r->dst.addr, pd->dst, af,
-		    r->dst.neg, NULL, /* XXX rdomain */ 0))
+		    r->dst.neg, NULL, pd->rdomain))
 			r = r->skip[PF_SKIP_DST_ADDR].ptr;
 		else if (r->tos && !(r->tos == pd->tos))
 			r = TAILQ_NEXT(r, entries);