Date: Mon, 25 Aug 2014 15:51:08 +0000 (UTC) From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r270577 - stable/10/sys/netpfil/pf Message-ID: <201408251551.s7PFp8Bp073288@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: glebius Date: Mon Aug 25 15:51:07 2014 New Revision: 270577 URL: http://svnweb.freebsd.org/changeset/base/270577 Log: Merge r270023 from head: Do not lookup source node twice when pf_map_addr() is used. PR: 184003 Submitted by: Kajetan Staszkiewicz <vegeta tuxpowered.net> Sponsored by: InnoGames GmbH Modified: stable/10/sys/netpfil/pf/pf.c stable/10/sys/netpfil/pf/pf_lb.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/netpfil/pf/pf.c ============================================================================== --- stable/10/sys/netpfil/pf/pf.c Mon Aug 25 15:49:41 2014 (r270576) +++ stable/10/sys/netpfil/pf/pf.c Mon Aug 25 15:51:07 2014 (r270577) @@ -3521,8 +3521,6 @@ pf_create_state(struct pf_rule *r, struc } if (r->rt && r->rt != PF_FASTROUTE) { - struct pf_src_node *sn = NULL; - if (pf_map_addr(pd->af, r, pd->src, &s->rt_addr, NULL, &sn)) { REASON_SET(&reason, PFRES_MAPFAILED); pf_src_tree_remove_state(s); Modified: stable/10/sys/netpfil/pf/pf_lb.c ============================================================================== --- stable/10/sys/netpfil/pf/pf_lb.c Mon Aug 25 15:49:41 2014 (r270576) +++ stable/10/sys/netpfil/pf/pf_lb.c Mon Aug 25 15:51:07 2014 (r270577) @@ -307,22 +307,30 @@ pf_map_addr(sa_family_t af, struct pf_ru struct pf_pool *rpool = &r->rpool; struct pf_addr *raddr = NULL, *rmask = NULL; + /* Try to find a src_node if none was given and this + is a sticky-address rule. */ if (*sn == NULL && r->rpool.opts & PF_POOL_STICKYADDR && - (r->rpool.opts & PF_POOL_TYPEMASK) != PF_POOL_NONE) { + (r->rpool.opts & PF_POOL_TYPEMASK) != PF_POOL_NONE) *sn = pf_find_src_node(saddr, r, af, 0); - if (*sn != NULL && !PF_AZERO(&(*sn)->raddr, af)) { - PF_ACPY(naddr, &(*sn)->raddr, af); - if (V_pf_status.debug >= PF_DEBUG_MISC) { - printf("pf_map_addr: src tracking maps "); - pf_print_host(saddr, 0, af); - printf(" to "); - pf_print_host(naddr, 0, af); - printf("\n"); - } - return (0); + + /* If a src_node was found or explicitly given and it has a non-zero + route address, use this address. A zeroed address is found if the + src node was created just a moment ago in pf_create_state and it + needs to be filled in with routing decision calculated here. */ + if (*sn != NULL && !PF_AZERO(&(*sn)->raddr, af)) { + PF_ACPY(naddr, &(*sn)->raddr, af); + if (V_pf_status.debug >= PF_DEBUG_MISC) { + printf("pf_map_addr: src tracking maps "); + pf_print_host(saddr, 0, af); + printf(" to "); + pf_print_host(naddr, 0, af); + printf("\n"); } + return (0); } + /* Find the route using chosen algorithm. Store the found route + in src_node if it was given or found. */ if (rpool->cur->addr.type == PF_ADDR_NOROUTE) return (1); if (rpool->cur->addr.type == PF_ADDR_DYNIFTL) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201408251551.s7PFp8Bp073288>