summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sys/net/pf.c28
1 files changed, 18 insertions, 10 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c
index a0fc7e6e0ea..f7b0e6404b2 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.734 2011/04/05 13:48:18 mikeb Exp $ */
+/* $OpenBSD: pf.c,v 1.735 2011/04/05 15:51:41 sthen Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -6021,6 +6021,7 @@ pf_test6(int fwdir, struct ifnet *ifp, struct mbuf **m0,
union pf_headers hdrs;
int off, hdrlen;
int dir = (fwdir == PF_FWD) ? PF_OUT : fwdir;
+ u_int32_t qid, pqid = 0;
if (!pf_status.running)
return (PF_PASS);
@@ -6098,6 +6099,8 @@ pf_test6(int fwdir, struct ifnet *ifp, struct mbuf **m0,
switch (pd.proto) {
case IPPROTO_TCP: {
+ if ((pd.hdr.tcp->th_flags & TH_ACK) && pd.p_len == 0)
+ pqid = 1;
action = pf_normalize_tcp(dir, kif, m, 0, off, h, &pd);
if (action == PF_DROP)
goto done;
@@ -6188,10 +6191,19 @@ done:
}
if (action != PF_DROP) {
- if (s)
+ if (s) {
pf_scrub_ip6(&m, s->min_ttl);
- else
+ if (pqid || (pd.tos & IPTOS_LOWDELAY))
+ qid = s->pqid;
+ else
+ qid = s->qid;
+ } else {
pf_scrub_ip6(&m, r->min_ttl);
+ if (pqid || (pd.tos & IPTOS_LOWDELAY))
+ qid = r->pqid;
+ else
+ qid = r->qid;
+ }
}
if (s && s->tag)
pf_tag_packet(m, s ? s->tag : 0, s->rtableid[pd.didx]);
@@ -6200,13 +6212,9 @@ done:
m->m_pkthdr.pf.statekey = s->key[PF_SK_STACK];
#ifdef ALTQ
- if (action == PF_PASS && s && s->qid) {
- if (pd.tos & IPTOS_LOWDELAY)
- m->m_pkthdr.pf.qid = s->pqid;
- else
- m->m_pkthdr.pf.qid = s->qid;
- /* add hints for ecn */
- m->m_pkthdr.pf.hdr = h;
+ if (action == PF_PASS && qid) {
+ m->m_pkthdr.pf.qid = qid;
+ m->m_pkthdr.pf.hdr = h; /* add hints for ecn */
}
#endif /* ALTQ */