diff options
Diffstat (limited to 'sys/net/pf_ioctl.c')
-rw-r--r-- | sys/net/pf_ioctl.c | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c index 28c08ad989e..420136a43ed 100644 --- a/sys/net/pf_ioctl.c +++ b/sys/net/pf_ioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_ioctl.c,v 1.28 2002/12/18 18:25:14 henning Exp $ */ +/* $OpenBSD: pf_ioctl.c,v 1.29 2002/12/18 19:40:41 dhartmei Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -609,8 +609,12 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) * Rules are about to get freed, clear rule pointers in states */ if (ruleset == &pf_main_ruleset) { - RB_FOREACH(n, pf_state_tree, &tree_ext_gwy) - n->state->rule.ptr = NULL; + if (rs_num == PF_RULESET_RULE) + RB_FOREACH(n, pf_state_tree, &tree_ext_gwy) + n->state->rule.ptr = NULL; + else + RB_FOREACH(n, pf_state_tree, &tree_ext_gwy) + n->state->nat_rule = NULL; } old_rules = ruleset->rules[rs_num].active.ptr; ruleset->rules[rs_num].active.ptr = @@ -797,9 +801,12 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) struct pf_tree_node *n; if (ruleset == &pf_main_ruleset) { - RB_FOREACH(n, pf_state_tree, &tree_ext_gwy) + RB_FOREACH(n, pf_state_tree, &tree_ext_gwy) { if (n->state->rule.ptr == oldrule) n->state->rule.ptr = NULL; + if (n->state->nat_rule == oldrule) + n->state->nat_rule = NULL; + } } pf_rm_rule(ruleset->rules[rs_num].active.ptr, oldrule); } else { @@ -887,6 +894,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) s = splsoftnet(); bcopy(&ps->state, state, sizeof(struct pf_state)); state->rule.ptr = NULL; + state->nat_rule = NULL; state->creation = time.tv_sec; state->expire += state->creation; state->packets = 0; |