diff options
author | Sebastian Benoit <benno@cvs.openbsd.org> | 2012-03-09 13:50:08 +0000 |
---|---|---|
committer | Sebastian Benoit <benno@cvs.openbsd.org> | 2012-03-09 13:50:08 +0000 |
commit | 0afcfe82839e17adc0960f4aaf722cbf785542d3 (patch) | |
tree | 4b606a79efc1351c6d784c7044c1fd7c7255ff95 /usr.sbin | |
parent | 975afb3296ca54bb21b2bbc5af90ee6a261c4636 (diff) |
set onrdomain and prio when creating pf rules, found by Gabriel Linder.
ok henning@ phessler@ camield@ "looks good to me" mkb@
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/relayd/pfe_filter.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/usr.sbin/relayd/pfe_filter.c b/usr.sbin/relayd/pfe_filter.c index 02a528999b5..7e8ee350845 100644 --- a/usr.sbin/relayd/pfe_filter.c +++ b/usr.sbin/relayd/pfe_filter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfe_filter.c,v 1.47 2011/05/19 08:56:49 reyk Exp $ */ +/* $OpenBSD: pfe_filter.c,v 1.48 2012/03/09 13:50:07 benno Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -439,6 +439,8 @@ sync_ruleset(struct relayd *env, struct rdr *rdr, int enable) rio.rule.dst.port[0] = address->port.val[0]; rio.rule.dst.port[1] = address->port.val[1]; rio.rule.rtableid = -1; /* stay in the main routing table */ + rio.rule.onrdomain = getrtable(); + rio.rule.prio[0] = rio.rule.prio[1] = PF_PRIO_NOTSET; if (rio.rule.proto == IPPROTO_TCP) rio.rule.timeout[PFTM_TCP_ESTABLISHED] = |