summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sys/net/pf.c13
1 files changed, 8 insertions, 5 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c
index 748527cc18f..7492a5dca91 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.612 2008/07/21 15:58:59 david Exp $ */
+/* $OpenBSD: pf.c,v 1.613 2008/07/22 12:31:35 henning Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -3537,12 +3537,15 @@ pf_create_state(struct pf_rule *r, struct pf_rule *nr, struct pf_rule *a,
s->src.state = PF_TCPS_PROXY_SRC;
/* undo NAT changes, if they have taken place */
if (nr != NULL) {
- PF_ACPY(pd->src, &sk->addr[pd->sidx], pd->af);
- PF_ACPY(pd->dst, &sk->addr[pd->didx], pd->af);
+ struct pf_state_key *skt = s->key[PF_SK_WIRE];
+ if (pd->dir == PF_OUT)
+ skt = s->key[PF_SK_STACK];
+ PF_ACPY(pd->src, &skt->addr[pd->sidx], pd->af);
+ PF_ACPY(pd->dst, &skt->addr[pd->didx], pd->af);
if (pd->sport)
- *pd->sport = sk->port[pd->sidx];
+ *pd->sport = skt->port[pd->sidx];
if (pd->dport)
- *pd->dport = sk->port[pd->didx];
+ *pd->dport = skt->port[pd->didx];
if (pd->proto_sum)
*pd->proto_sum = bproto_sum;
if (pd->ip_sum)