diff options
author | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2015-01-20 17:25:36 +0000 |
---|---|---|
committer | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2015-01-20 17:25:36 +0000 |
commit | 52ef1f80c283aa859feb09537098b134f58707fc (patch) | |
tree | 1061680de7ed2af342e9521093bfcad28a9ffd27 /sys/net/pf_table.c | |
parent | e248e6feee3ba143b68cea756dff4ade088f435e (diff) |
Prevent tables referenced by rules in anchors from getting disabled.
Analysis and patch by Richard Kojedzinszky, thanks! ok henning
Diffstat (limited to 'sys/net/pf_table.c')
-rw-r--r-- | sys/net/pf_table.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/net/pf_table.c b/sys/net/pf_table.c index 9ee25780988..4e43c4ca539 100644 --- a/sys/net/pf_table.c +++ b/sys/net/pf_table.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_table.c,v 1.104 2014/12/19 17:14:40 tedu Exp $ */ +/* $OpenBSD: pf_table.c,v 1.105 2015/01/20 17:25:35 mikeb Exp $ */ /* * Copyright (c) 2002 Cedric Berger @@ -1896,6 +1896,7 @@ pfr_setflags_ktable(struct pfr_ktable *kt, int newf) struct pfr_kentryworkq addrq; if (!(newf & PFR_TFLAG_REFERENCED) && + !(newf & PFR_TFLAG_REFDANCHOR) && !(newf & PFR_TFLAG_PERSIST)) newf &= ~PFR_TFLAG_ACTIVE; if (!(newf & PFR_TFLAG_ACTIVE)) |