do not write the pf state key pointer to the pkhdr.

effectively disables state key linking and pcb linking - unfortunatly,
there seems to be a bug somewhere in there or triggered by it that
we haven't tracked down yet, so we disable this for now to be on the safe
side for release.
lots of testing and analysis from todd and david.

diff --git a/sys/net/pf.c b/sys/net/pf.c
index 7492a5d..0650e42 100644 (file)
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: pf.c,v 1.613 2008/07/22 12:31:35 henning Exp $ */
+/*     $OpenBSD: pf.c,v 1.614 2008/08/02 12:34:37 henning Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -5783,8 +5783,10 @@ done:
        if ((s && s->tag) || r->rtableid)
                pf_tag_packet(m, s ? s->tag : 0, r->rtableid);
 
+#if 0
        if (dir == PF_IN && s && s->key[PF_SK_STACK])
                m->m_pkthdr.pf.statekey = s->key[PF_SK_STACK];
+#endif
 
 #ifdef ALTQ
        if (action == PF_PASS && r->qid) {
@@ -6162,8 +6164,10 @@ done:
        if ((s && s->tag) || r->rtableid)
                pf_tag_packet(m, s ? s->tag : 0, r->rtableid);
 
+#if 0
        if (dir == PF_IN && s && s->key[PF_SK_STACK])
                m->m_pkthdr.pf.statekey = s->key[PF_SK_STACK];
+#endif
 
 #ifdef ALTQ
        if (action == PF_PASS && r->qid) {