From: sashan <sashan@openbsd.org>
Date: Wed, 16 Feb 2022 08:46:11 +0000 (+0000)
Subject: nat-to round-robin without a pool should fallback to POOL_NONE
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=308aaa404019ba82df3af9e8a13d726fb603ecb2;p=openbsd

nat-to round-robin without a pool should fallback to POOL_NONE
bug reported by giovanni@

OK giovanni@
---

diff --git a/sys/net/pf_lb.c b/sys/net/pf_lb.c
index 65f70ef9102..d106073d372 100644
--- a/sys/net/pf_lb.c
+++ b/sys/net/pf_lb.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf_lb.c,v 1.69 2021/12/16 02:01:59 sashan Exp $ */
+/*	$OpenBSD: pf_lb.c,v 1.70 2022/02/16 08:46:11 sashan Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -498,6 +498,13 @@ pf_map_addr(sa_family_t af, struct pf_rule *r, struct pf_addr *saddr,
 				if (pfr_pool_get(rpool, &raddr, &rmask, af))
 					return (1);
 			}
+		} else if (PF_AZERO(&rpool->counter, af)) {
+			/*
+			 * fall back to POOL_NONE if there are no addresses in
+			 * pool
+			 */
+			pf_addrcpy(naddr, raddr, af);
+			break;
 		} else if (pf_match_addr(0, raddr, rmask, &rpool->counter, af))
 			return (1);