-/* $OpenBSD: pf_lb.c,v 1.73 2023/01/04 10:31:55 dlg Exp $ */
+/* $OpenBSD: pf_lb.c,v 1.74 2023/05/10 22:42:51 sashan Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
/* XXX bug: icmp states dont use the id on both
* XXX sides (traceroute -I through nat) */
key.port[sidx] = pd->nsport;
+ key.hash = pf_pkt_hash(key.af, key.proto, &key.addr[0],
+ &key.addr[1], key.port[0], key.port[1]);
if (pf_find_state_all(&key, dir, NULL) == NULL) {
*nport = pd->nsport;
return (0);
}
} else if (low == 0 && high == 0) {
key.port[sidx] = pd->nsport;
+ key.hash = pf_pkt_hash(key.af, key.proto, &key.addr[0],
+ &key.addr[1], key.port[0], key.port[1]);
if (pf_find_state_all(&key, dir, NULL) == NULL) {
*nport = pd->nsport;
return (0);
}
} else if (low == high) {
key.port[sidx] = htons(low);
+ key.hash = pf_pkt_hash(key.af, key.proto, &key.addr[0],
+ &key.addr[1], key.port[0], key.port[1]);
if (pf_find_state_all(&key, dir, NULL) == NULL) {
*nport = htons(low);
return (0);
/* low <= cut <= high */
for (tmp = cut; tmp <= high && tmp <= 0xffff; ++tmp) {
key.port[sidx] = htons(tmp);
+ key.hash = pf_pkt_hash(key.af, key.proto,
+ &key.addr[0], &key.addr[1], key.port[0],
+ key.port[1]);
if (pf_find_state_all(&key, dir, NULL) ==
NULL && !in_baddynamic(tmp, pd->proto)) {
*nport = htons(tmp);
tmp = cut;
for (tmp -= 1; tmp >= low && tmp <= 0xffff; --tmp) {
key.port[sidx] = htons(tmp);
+ key.hash = pf_pkt_hash(key.af, key.proto,
+ &key.addr[0], &key.addr[1], key.port[0],
+ key.port[1]);
if (pf_find_state_all(&key, dir, NULL) ==
NULL && !in_baddynamic(tmp, pd->proto)) {
*nport = htons(tmp);
-/* $OpenBSD: pfvar_priv.h,v 1.32 2023/05/08 23:52:36 dlg Exp $ */
+/* $OpenBSD: pfvar_priv.h,v 1.33 2023/05/10 22:42:51 sashan Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
struct pfsync_state_peer *);
void pf_state_peer_ntoh(const struct pfsync_state_peer *,
struct pf_state_peer *);
+u_int16_t pf_pkt_hash(sa_family_t, uint8_t,
+ const struct pf_addr *, const struct pf_addr *,
+ uint16_t, uint16_t);
#endif /* _KERNEL */
projects / openbsd / commitdiff