Date: Fri, 31 Mar 2017 09:26:08 +0000 (UTC) From: "Andrey V. Elsukov" <ae@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r316329 - head/sys/netpfil/ipfw Message-ID: <201703310926.v2V9Q8ip069576@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ae Date: Fri Mar 31 09:26:08 2017 New Revision: 316329 URL: https://svnweb.freebsd.org/changeset/base/316329 Log: Reset the cached state of last lookup in the dynamic states when an external action is completed, but the rule search is continued. External action handler can change the content of @args argument, that is used for dynamic state lookup. Enforce the new lookup to be able install new state, when the search is continued. Obtained from: Yandex LLC MFC after: 1 week Sponsored by: Yandex LLC Modified: head/sys/netpfil/ipfw/ip_fw2.c Modified: head/sys/netpfil/ipfw/ip_fw2.c ============================================================================== --- head/sys/netpfil/ipfw/ip_fw2.c Fri Mar 31 09:10:05 2017 (r316328) +++ head/sys/netpfil/ipfw/ip_fw2.c Fri Mar 31 09:26:08 2017 (r316329) @@ -2616,8 +2616,17 @@ do { \ * consider this as rule matching and * update counters. */ - if (retval == 0 && done == 0) + if (retval == 0 && done == 0) { IPFW_INC_RULE_COUNTER(f, pktlen); + /* + * Reset the result of the last + * dynamic state lookup. + * External action can change + * @args content, and it may be + * used for new state lookup later. + */ + dyn_dir = MATCH_UNKNOWN; + } break; default:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201703310926.v2V9Q8ip069576>