On 12 January 2014 14:01, Alexander Bluhm <[email protected]> wrote: > Hi, > > There is an awkward behaviour after we have diverted connections > to a socket. When the application removes the socket, the pf state > will persist. A new connection will not hit the divert rule as the > state grabs the packet. > > This is bigger issue with connectionless protocols, but can also > happen with TCP if the connection was canceled before the three way > handshake completed. > > The solution is to clean up the associated divert state when the > socket gets destroyed. This is possible as both are linked together > and a divert state without socket does not make sense. > > Note that this fix does not work for UDP yet as state and socket > are not linked there. I have a diff for that, but it had some > issues. > > ok? > > bluhm >
OK
