diff options
author | Henning Brauer <henning@cvs.openbsd.org> | 2009-04-15 13:10:39 +0000 |
---|---|---|
committer | Henning Brauer <henning@cvs.openbsd.org> | 2009-04-15 13:10:39 +0000 |
commit | 76325609b708b1e8f76e3fd663a43fbed6f389fa (patch) | |
tree | ffdb04d69a1893f7b78090fe126f6403a5b4f5a3 /sys/net | |
parent | 2c370f9ef0e25a7dcaf0ed6c098c81bc3ac6119b (diff) |
little dose of scrubbing after the monster changes:
correctly inherit queue stuff, tag, rtableid from the rule if we have no
state
some logic simplification and removal of redundant checks
ok dlg
Diffstat (limited to 'sys/net')
-rw-r--r-- | sys/net/pf.c | 31 |
1 files changed, 18 insertions, 13 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index acdb1dd6db6..d3f7ff3a59b 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.643 2009/04/15 05:14:45 david Exp $ */ +/* $OpenBSD: pf.c,v 1.644 2009/04/15 13:10:38 henning Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -5381,6 +5381,7 @@ pf_test(int dir, struct ifnet *ifp, struct mbuf **m0, struct pf_ruleset *ruleset = NULL; struct pf_pdesc pd; int off, dirndx, pqid = 0; + u_int16_t qid; if (!pf_status.running) return (PF_PASS); @@ -5583,25 +5584,29 @@ done: ("pf: dropping packet with ip options\n")); } - if (s) + if (s) { pf_scrub_ip(&m, s->state_flags, s->min_ttl, s->set_tos); - else + pf_tag_packet(m, s->tag, s->rtableid); + if (pqid || (pd.tos & IPTOS_LOWDELAY)) + qid = s->pqid; + else + qid = s->qid; + } else { pf_scrub_ip(&m, r->scrub_flags, r->min_ttl, r->set_tos); - - if (s && (s->tag || s->rtableid)) - pf_tag_packet(m, s ? s->tag : 0, s->rtableid); + pf_tag_packet(m, r->tag, r->rtableid); + if (pqid || (pd.tos & IPTOS_LOWDELAY)) + qid = r->pqid; + else + qid = r->qid; + } if (dir == PF_IN && s && s->key[PF_SK_STACK]) m->m_pkthdr.pf.statekey = s->key[PF_SK_STACK]; #ifdef ALTQ - if (action == PF_PASS && s && s->qid) { - if (pqid || (pd.tos & IPTOS_LOWDELAY)) - m->m_pkthdr.pf.qid = s->pqid; - else - m->m_pkthdr.pf.qid = s->qid; - /* add hints for ecn */ - m->m_pkthdr.pf.hdr = h; + if (action == PF_PASS && qid) { + m->m_pkthdr.pf.qid = qid; + m->m_pkthdr.pf.hdr = h; /* hints for ecn */ } #endif /* ALTQ */ |