diff options
Diffstat (limited to 'sys/net')
-rw-r--r-- | sys/net/if_pfsync.c | 32 | ||||
-rw-r--r-- | sys/net/pf.c | 22 |
2 files changed, 19 insertions, 35 deletions
diff --git a/sys/net/if_pfsync.c b/sys/net/if_pfsync.c index 01acf4cb394..029c8f36f05 100644 --- a/sys/net/if_pfsync.c +++ b/sys/net/if_pfsync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pfsync.c,v 1.279 2020/12/12 11:49:02 jan Exp $ */ +/* $OpenBSD: if_pfsync.c,v 1.280 2021/01/04 12:48:27 bluhm Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff @@ -612,7 +612,7 @@ pfsync_state_import(struct pfsync_state *sp, int flags) st->rtableid[PF_SK_STACK] = ntohl(sp->rtableid[PF_SK_STACK]); /* copy to state */ - bcopy(&sp->rt_addr, &st->rt_addr, sizeof(st->rt_addr)); + st->rt_addr = sp->rt_addr; st->creation = getuptime() - ntohl(sp->creation); st->expire = getuptime(); if (ntohl(sp->expire)) { @@ -1843,6 +1843,7 @@ pfsync_undefer(struct pfsync_deferral *pd, int drop) { struct pfsync_softc *sc = pfsyncif; struct pf_pdesc pdesc; + struct pf_state *st = pd->pd_st; NET_ASSERT_LOCKED(); @@ -1852,35 +1853,32 @@ pfsync_undefer(struct pfsync_deferral *pd, int drop) TAILQ_REMOVE(&sc->sc_deferrals, pd, pd_entry); sc->sc_deferred--; - CLR(pd->pd_st->state_flags, PFSTATE_ACK); + CLR(st->state_flags, PFSTATE_ACK); if (drop) m_freem(pd->pd_m); else { - if (pd->pd_st->rule.ptr->rt == PF_ROUTETO) { - if (pf_setup_pdesc(&pdesc, - pd->pd_st->key[PF_SK_WIRE]->af, - pd->pd_st->direction, pd->pd_st->rt_kif, - pd->pd_m, NULL) != PF_PASS) { + if (st->rule.ptr->rt == PF_ROUTETO) { + if (pf_setup_pdesc(&pdesc, st->key[PF_SK_WIRE]->af, + st->direction, st->kif, pd->pd_m, NULL) != + PF_PASS) { m_freem(pd->pd_m); goto out; } - switch (pd->pd_st->key[PF_SK_WIRE]->af) { + switch (st->key[PF_SK_WIRE]->af) { case AF_INET: - pf_route(&pdesc, - pd->pd_st->rule.ptr, pd->pd_st); + pf_route(&pdesc, st->rule.ptr, st); break; #ifdef INET6 case AF_INET6: - pf_route6(&pdesc, - pd->pd_st->rule.ptr, pd->pd_st); + pf_route6(&pdesc, st->rule.ptr, st); break; #endif /* INET6 */ default: - unhandled_af(pd->pd_st->key[PF_SK_WIRE]->af); + unhandled_af(st->key[PF_SK_WIRE]->af); } pd->pd_m = pdesc.m; } else { - switch (pd->pd_st->key[PF_SK_WIRE]->af) { + switch (st->key[PF_SK_WIRE]->af) { case AF_INET: ip_output(pd->pd_m, NULL, NULL, 0, NULL, NULL, 0); @@ -1892,12 +1890,12 @@ pfsync_undefer(struct pfsync_deferral *pd, int drop) break; #endif /* INET6 */ default: - unhandled_af(pd->pd_st->key[PF_SK_WIRE]->af); + unhandled_af(st->key[PF_SK_WIRE]->af); } } } out: - pf_state_unref(pd->pd_st); + pf_state_unref(st); pool_put(&sc->sc_pool, pd); } diff --git a/sys/net/pf.c b/sys/net/pf.c index f65b77aa487..de6b0381901 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.1096 2020/12/10 06:40:22 dlg Exp $ */ +/* $OpenBSD: pf.c,v 1.1097 2021/01/04 12:48:27 bluhm Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1186,7 +1186,7 @@ pf_state_export(struct pfsync_state *sp, struct pf_state *st) /* copy from state */ strlcpy(sp->ifname, st->kif->pfik_name, sizeof(sp->ifname)); - memcpy(&sp->rt_addr, &st->rt_addr, sizeof(sp->rt_addr)); + sp->rt_addr = st->rt_addr; sp->creation = htonl(getuptime() - st->creation); expire = pf_state_expires(st); if (expire <= getuptime()) @@ -3437,21 +3437,8 @@ pf_set_rt_ifp(struct pf_state *s, struct pf_addr *saddr, sa_family_t af, if (!r->rt) return (0); - switch (af) { - case AF_INET: - rv = pf_map_addr(AF_INET, r, saddr, &s->rt_addr, NULL, sns, - &r->route, PF_SN_ROUTE); - break; -#ifdef INET6 - case AF_INET6: - rv = pf_map_addr(AF_INET6, r, saddr, &s->rt_addr, NULL, sns, - &r->route, PF_SN_ROUTE); - break; -#endif /* INET6 */ - default: - rv = 1; - } - + rv = pf_map_addr(af, r, saddr, &s->rt_addr, NULL, sns, + &r->route, PF_SN_ROUTE); if (rv == 0) { s->rt_kif = r->route.kif; s->natrule.ptr = r; @@ -6271,7 +6258,6 @@ bad: } #endif /* INET6 */ - /* * check TCP checksum and set mbuf flag * off is the offset where the protocol header starts |