diff options
| author |   sashan <sashan@openbsd.org> | 2019-07-18 20:45:10 +0000 |
|---|---|---|
| committer | sashan <sashan@openbsd.org> | 2019-07-18 20:45:10 +0000 |
| commit | 745adf1799919f3eb95fc0da8a5d722933d660d9 (patch) | |
| tree | 8f4dec4225ee25effb61d2aedf0647a831d30f40 | |
| parent | Fix unveiling nonexistent files on read-only filesystems (diff) | |
| download | wireguard-openbsd-745adf1799919f3eb95fc0da8a5d722933d660d9.tar.xz wireguard-openbsd-745adf1799919f3eb95fc0da8a5d722933d660d9.zip | |
follow up to 'once rule' expiration
ok lteo@
| -rw-r--r-- | sys/net/pf.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index b858c43963b..bc33fa723ea 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.1086 2019/07/18 02:03:46 lteo Exp $ */ +/* $OpenBSD: pf.c,v 1.1087 2019/07/18 20:45:10 sashan Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -3963,8 +3963,9 @@ pf_test_rule(struct pf_pdesc *pd, struct pf_rule **rm, struct pf_state **sm, * insert an expired rule to gcl. */ rule_flag = r->rule_flag; - if (atomic_cas_uint(&r->rule_flag, rule_flag, - rule_flag | PFRULE_EXPIRED) == rule_flag) { + if (((rule_flag & PFRULE_EXPIRED) == 0) && + atomic_cas_uint(&r->rule_flag, rule_flag, + rule_flag | PFRULE_EXPIRED) == rule_flag) { r->exptime = time_second; SLIST_INSERT_HEAD(&pf_rule_gcl, r, gcle); } |