1 files changed, 18 insertions, 10 deletions

diff --git a/sys/net/pf.c b/sys/net/pf.c
index a0fc7e6e0ea..f7b0e6404b2 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf.c,v 1.734 2011/04/05 13:48:18 mikeb Exp $ */
+/*	$OpenBSD: pf.c,v 1.735 2011/04/05 15:51:41 sthen Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -6021,6 +6021,7 @@ pf_test6(int fwdir, struct ifnet *ifp, struct mbuf **m0,
 	union pf_headers	 hdrs;
 	int			 off, hdrlen;
 	int			 dir = (fwdir == PF_FWD) ? PF_OUT : fwdir;
+	u_int32_t		 qid, pqid = 0;
 
 	if (!pf_status.running)
 		return (PF_PASS);
@@ -6098,6 +6099,8 @@ pf_test6(int fwdir, struct ifnet *ifp, struct mbuf **m0,
 	switch (pd.proto) {
 
 	case IPPROTO_TCP: {
+		if ((pd.hdr.tcp->th_flags & TH_ACK) && pd.p_len == 0)
+			pqid = 1;
 		action = pf_normalize_tcp(dir, kif, m, 0, off, h, &pd);
 		if (action == PF_DROP)
 			goto done;
@@ -6188,10 +6191,19 @@ done:
 	}
 
 	if (action != PF_DROP) {
-		if (s)
+		if (s) {
 			pf_scrub_ip6(&m, s->min_ttl);
-		else
+			if (pqid || (pd.tos & IPTOS_LOWDELAY))
+				qid = s->pqid;
+			else
+				qid = s->qid;
+		} else {
 			pf_scrub_ip6(&m, r->min_ttl);
+			if (pqid || (pd.tos & IPTOS_LOWDELAY))
+				qid = r->pqid;
+			else
+				qid = r->qid;
+		}
 	}
 	if (s && s->tag)
 		pf_tag_packet(m, s ? s->tag : 0, s->rtableid[pd.didx]);
@@ -6200,13 +6212,9 @@ done:
 		m->m_pkthdr.pf.statekey = s->key[PF_SK_STACK];
 
 #ifdef ALTQ
-	if (action == PF_PASS && s && s->qid) {
-		if (pd.tos & IPTOS_LOWDELAY)
-			m->m_pkthdr.pf.qid = s->pqid;
-		else
-			m->m_pkthdr.pf.qid = s->qid;
-		/* add hints for ecn */
-		m->m_pkthdr.pf.hdr = h;
+	if (action == PF_PASS && qid) {
+		m->m_pkthdr.pf.qid = qid;
+		m->m_pkthdr.pf.hdr = h; /* add hints for ecn */
 	}
 #endif /* ALTQ */