diff options
| author |   henning <henning@openbsd.org> | 2008-09-10 09:10:55 +0000 |
|---|---|---|
| committer | henning <henning@openbsd.org> | 2008-09-10 09:10:55 +0000 |
| commit | cfcb6000d792b346bd405b6be4ee7e8e566b0607 (patch) | |
| tree | e3de700f67fe3aba0230da5bff4d69b337a89d64 /sys | |
| parent | re-enable the state key linking. i believe the bugs that hit us shortly (diff) | |
| download | wireguard-openbsd-cfcb6000d792b346bd405b6be4ee7e8e566b0607.tar.xz wireguard-openbsd-cfcb6000d792b346bd405b6be4ee7e8e566b0607.zip | |
icmp_reflect reuses mbufs. call pf_pkt_addr_changed to clear the state
key stuff.
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/netinet/ip_icmp.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c index d5be54b33ca..337490e5b83 100644 --- a/sys/netinet/ip_icmp.c +++ b/sys/netinet/ip_icmp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_icmp.c,v 1.81 2008/06/08 18:56:12 claudio Exp $ */ +/* $OpenBSD: ip_icmp.c,v 1.82 2008/09/10 09:10:55 henning Exp $ */ /* $NetBSD: ip_icmp.c,v 1.19 1996/02/13 23:42:22 christos Exp $ */ /* @@ -69,6 +69,7 @@ */ #include "carp.h" +#include "pf.h" #include <sys/param.h> #include <sys/systm.h> @@ -93,6 +94,10 @@ #include <netinet/ip_carp.h> #endif +#if NPF > 0 +#include <net/pfvar.h> +#endif + /* * ICMP routines: error generation, receive packet processing, and * routines to turnaround packets back to the originator, and @@ -642,6 +647,10 @@ icmp_reflect(struct mbuf *m) m_freem(m); /* Bad return address */ goto done; /* ip_output() will check for broadcast */ } + +#if NPF > 0 + pf_pkt_addr_changed(m); +#endif t = ip->ip_dst; ip->ip_dst = ip->ip_src; /* |