diff options
author | Kristof Provost <kp@FreeBSD.org> | 2025-01-09 13:31:22 +0000 |
---|---|---|
committer | Kristof Provost <kp@FreeBSD.org> | 2025-01-14 08:54:20 +0000 |
commit | d90854a60a919fc574d1786486f85394f53ce2dd (patch) | |
tree | e1da53025995c13f73703637f0bae29c88fe52b6 | |
parent | 3b79f6d2d39405bcac395dc036ceb6f8fd09ce99 (diff) |
pf: reset index if it's outside the table
when table content changes we need to reset index
to the initial value and do not use the counter;
reported by Sebastian Benoit and Daniel Krambrock,
tested by Sebastian Benoit, ok henning zinke
Obtained from: OpenBSD, mikeb <mikeb@openbsd.org>, dba347c9d1
Sponsored by: Rubicon Communications, LLC ("Netgate")
-rw-r--r-- | sys/netpfil/pf/pf_table.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sys/netpfil/pf/pf_table.c b/sys/netpfil/pf/pf_table.c index 35c9bd4ab655..03efa0b738da 100644 --- a/sys/netpfil/pf/pf_table.c +++ b/sys/netpfil/pf/pf_table.c @@ -2269,10 +2269,10 @@ pfr_pool_get(struct pfr_ktable *kt, int *pidx, struct pf_addr *counter, return (-1); idx = *pidx; - if (idx >= 0) - use_counter = 1; - if (idx < 0) + if (idx < 0 || idx >= kt->pfrkt_cnt) idx = 0; + else if (counter != NULL) + use_counter = 1; startidx = idx; _next_block: |