pf: add patch from rev 1.553 to patch.c
authorJan Lentfer <Jan.Lentfer@web.de>
Thu, 9 Sep 2010 18:34:04 +0000 (20:34 +0200)
committerJan Lentfer <Jan.Lentfer@web.de>
Thu, 9 Sep 2010 18:40:53 +0000 (20:40 +0200)
    allow RSTs with th_seq == seqlo +- 1, reduces the amount of 'loose state'
    messages, add 'dir=' part to 'loose state' message

sys/net/pf/pf.c

index f18bde6..40064c6 100644 (file)
@@ -1,4 +1,7 @@
 /*     $OpenBSD: pf.c,v 1.552.2.1 2007/11/27 16:37:57 henning Exp $ */
+/* add $OpenBSD: pf.c,v 1.553 2007/08/23 11:15:49 dhartmei Exp $ */
+/* add $OpenBSD: pf.c,v 1.554 2007/08/28 16:09:12 henning Exp $ */
+
 
 /*
  * Copyright (c) 2004 The DragonFly Project.  All rights reserved.
@@ -3998,7 +4001,8 @@ pf_test_state_tcp(struct pf_state **state, int direction, struct pfi_kif *kif,
            (ackskew <= (MAXACKWINDOW << sws)) &&
            /* Acking not more than one window forward */
            ((th->th_flags & TH_RST) == 0 || orig_seq == src->seqlo ||
-           (orig_seq == src->seqlo + 1) || (pd->flags & PFDESC_IP_REAS) == 0)) {
+           (orig_seq == src->seqlo + 1) || (orig_seq + 1 == src->seqlo) ||
+           (pd->flags & PFDESC_IP_REAS) == 0)) {
            /* Require an exact/+1 sequence match on resets when possible */
 
                if (dst->scrub || src->scrub) {
@@ -4093,9 +4097,12 @@ pf_test_state_tcp(struct pf_state **state, int direction, struct pfi_kif *kif,
                        pf_print_state(*state);
                        pf_print_flags(th->th_flags);
                        kprintf(" seq=%u (%u) ack=%u len=%u ackskew=%d "
-                           "pkts=%llu:%llu\n", seq, orig_seq, ack, pd->p_len,
+                           "pkts=%llu:%llu dir=%s,%s\n", seq, orig_seq, ack, pd->p_len,
                            ackskew, (unsigned long long)(*state)->packets[0],
-                           (unsigned long long)(*state)->packets[1]);
+                           (unsigned long long)(*state)->packets[1],
+                           direction == PF_IN ? "in" : "out",
+                           direction == (*state)->state_key->direction ?
+                               "fwd" : "rev");
                }
 
                if (dst->scrub || src->scrub) {