Hello Yasuoka,
I'm OK with your change.
However I would like to ask you to do yet another test. I wonder if things
will eventually work on unfixed PF if rules will be constructed as follows:
pfctl -a test -t LB -T add 10.0.0.11@pair102
echo 'pass in on rdomain 102 quick proto tcp to 10.0.0.101 port 8080 \
keep state ( sloppy ) route-to <LB> \
least-states sticky-address' |pfctl -a test -f -
echo 'anchor test' | pfctl -f -
pfctl -e
I suspect the bug you've found and fixed happens when pfctl loads rules
from pf.conf. I think the steps above will take a different route
through the code, which avoids pfr_ina_define() (a.k.a. transactions).
I don't have a test system readily available and I'm just curious
if anything changes or not. Thanks for finding that for me.
As I've said I think your change should go in.
OK sashan
