On 2013/05/03 02:27, Vitaly Sinilin wrote:
> Looks like the patch was filtered out from the original message.
> So here it is in the body.
Patch had line-wrap problems, here is a cleaned one (but otherwise
untested).
Index: pfvar.h
===================================================================
RCS file: /cvs/src/sys/net/pfvar.h,v
retrieving revision 1.377
diff -u -p -r1.377 pfvar.h
--- pfvar.h 11 Mar 2013 19:48:40 -0000 1.377
+++ pfvar.h 2 May 2013 22:47:52 -0000
@@ -1748,8 +1748,8 @@ extern void
pf_purge_expired_states(u
extern void pf_unlink_state(struct pf_state *);
extern void pf_free_state(struct pf_state *);
extern int pf_state_insert(struct pfi_kif *,
- struct pf_state_key *,
- struct pf_state_key *,
+ struct pf_state_key **,
+ struct pf_state_key **,
struct pf_state *);
int pf_insert_src_node(struct pf_src_node **,
struct pf_rule *, enum pf_sn_types,
@@ -1829,7 +1829,7 @@ int pf_rtlabel_match(struct pf_addr *, s
int pf_socket_lookup(struct pf_pdesc *);
struct pf_state_key *pf_alloc_state_key(int);
void pf_pkt_addr_changed(struct mbuf *);
-int pf_state_key_attach(struct pf_state_key *, struct pf_state *, int);
+int pf_state_key_attach(struct pf_state_key **, struct pf_state *, int);
int pf_translate(struct pf_pdesc *, struct pf_addr *, u_int16_t,
struct pf_addr *, u_int16_t, u_int16_t, int);
int pf_translate_af(struct pf_pdesc *);
Index: pf.c
===================================================================
RCS file: /cvs/src/sys/net/pf.c,v
retrieving revision 1.822
diff -u -p -r1.822 pf.c
--- pf.c 10 Apr 2013 08:50:59 -0000 1.822
+++ pf.c 2 May 2013 22:47:52 -0000
@@ -667,9 +667,10 @@ pf_state_compare_id(struct pf_state *a,
}
int
-pf_state_key_attach(struct pf_state_key *sk, struct pf_state *s, int idx)
+pf_state_key_attach(struct pf_state_key **skp, struct pf_state *s, int idx)
{
struct pf_state_item *si;
+ struct pf_state_key *sk = *skp;
struct pf_state_key *cur;
struct pf_state *olds = NULL;
@@ -718,6 +719,7 @@ pf_state_key_attach(struct pf_state_key
}
pool_put(&pf_state_key_pl, sk);
s->key[idx] = cur;
+ *skp = cur;
} else
s->key[idx] = sk;
@@ -916,13 +918,13 @@ pf_state_key_setup(struct pf_pdesc *pd,
}
int
-pf_state_insert(struct pfi_kif *kif, struct pf_state_key *skw,
- struct pf_state_key *sks, struct pf_state *s)
+pf_state_insert(struct pfi_kif *kif, struct pf_state_key **skw,
+ struct pf_state_key **sks, struct pf_state *s)
{
splsoftassert(IPL_SOFTNET);
s->kif = kif;
- if (skw == sks) {
+ if (*skw == *sks) {
if (pf_state_key_attach(skw, s, PF_SK_WIRE))
return (-1);
s->key[PF_SK_STACK] = s->key[PF_SK_WIRE];
@@ -3789,7 +3791,7 @@ pf_create_state(struct pf_pdesc *pd, str
goto csfailed;
}
- if (pf_state_insert(BOUND_IFACE(r, pd->kif), *skw, *sks, s)) {
+ if (pf_state_insert(BOUND_IFACE(r, pd->kif), skw, sks, s)) {
pf_state_key_detach(s, PF_SK_STACK);
pf_state_key_detach(s, PF_SK_WIRE);
*sks = *skw = NULL;
Index: if_pfsync.c
===================================================================
RCS file: /cvs/src/sys/net/if_pfsync.c,v
retrieving revision 1.197
diff -u -p -r1.197 if_pfsync.c
--- if_pfsync.c 28 Mar 2013 16:45:16 -0000 1.197
+++ if_pfsync.c 2 May 2013 22:47:52 -0000
@@ -612,7 +612,7 @@ pfsync_state_import(struct pfsync_state
if (!ISSET(flags, PFSYNC_SI_IOCTL))
SET(st->state_flags, PFSTATE_NOSYNC);
- if (pf_state_insert(kif, skw, sks, st) != 0) {
+ if (pf_state_insert(kif, &skw, &sks, st) != 0) {
/* XXX when we have anchors, use STATE_DEC_COUNTERS */
r->states_cur--;
error = EEXIST;
