On Fri, Oct 11, 2013 at 12:09 +0200, Gerhard Roth wrote:
> In January bluhm@ introduced 'data_end' to pf.c:tcp_track_full().
> Now this breaks the handling of non-data packets. They may be rejected
> because the SEQ_GEQ(src->seqhi, data_end) check fails.
>
> The patch below should fix this.
>
Makes sense to me. OK mikeb
> Gerhard
>
>
>
> Index: sys/net/pf.c
> ===================================================================
> RCS file: /cvs/src/sys/net/pf.c,v
> retrieving revision 1.841
> diff -u -p -u -p -r1.841 pf.c
> --- sys/net/pf.c 9 Oct 2013 09:32:01 -0000 1.841
> +++ sys/net/pf.c 11 Oct 2013 09:57:20 -0000
> @@ -3940,7 +3940,7 @@ pf_tcp_track_full(struct pf_pdesc *pd, s
> if (seq == end) {
> /* Ease sequencing restrictions on no data packets */
> seq = src->seqlo;
> - end = seq;
> + data_end = end = seq;
> }
>
> ackskew = dst->seqlo - ack;
>
