summaryrefslogtreecommitdiff
path: root/sys/net
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2008-10-02 15:12:46 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2008-10-02 15:12:46 +0000
commit7d08047fa5a352aa1290283c9c28329fd7b17473 (patch)
treeddd966b3c9b0d5c8e8250a6f3a16e9e794b29e13 /sys/net
parente00abcef163736430583ff4abd45f99ba5b50c8f (diff)
When redirect is used with sticky-address and a matching pass rule uses
reply-to, the sticky-address in the source tracking pool is overwritten with the reply-to address, resulting in new connections being incorrectly redirected to the reply-to host (instead of the sticky-address host). Prevent this by passing a NULL source node reference to pf_map_addr() when looking up the reply-to host, thus preventing the NAT source node from being overwritten. ok mcbride@ henning@
Diffstat (limited to 'sys/net')
-rw-r--r--sys/net/pf.c9
1 files changed, 4 insertions, 5 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c
index f0622fe0db4..c181f02d5c6 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.622 2008/09/28 14:39:55 jsing Exp $ */
+/* $OpenBSD: pf.c,v 1.623 2008/10/02 15:12:45 jsing Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -2969,6 +2969,7 @@ void
pf_set_rt_ifp(struct pf_state *s, struct pf_addr *saddr)
{
struct pf_rule *r = s->rule.ptr;
+ struct pf_src_node *sn = NULL;
s->rt_kif = NULL;
if (!r->rt || r->rt == PF_FASTROUTE)
@@ -2976,15 +2977,13 @@ pf_set_rt_ifp(struct pf_state *s, struct pf_addr *saddr)
switch (s->key[PF_SK_WIRE]->af) {
#ifdef INET
case AF_INET:
- pf_map_addr(AF_INET, r, saddr, &s->rt_addr, NULL,
- &s->nat_src_node);
+ pf_map_addr(AF_INET, r, saddr, &s->rt_addr, NULL, &sn);
s->rt_kif = r->rpool.cur->kif;
break;
#endif /* INET */
#ifdef INET6
case AF_INET6:
- pf_map_addr(AF_INET6, r, saddr, &s->rt_addr, NULL,
- &s->nat_src_node);
+ pf_map_addr(AF_INET6, r, saddr, &s->rt_addr, NULL, &sn);
s->rt_kif = r->rpool.cur->kif;
break;
#endif /* INET6 */