From 247e78d2b99f5d6d6137f0983ade1b6d55189a8a Mon Sep 17 00:00:00 2001
From: mikeb <mikeb@openbsd.org>
Date: Tue, 12 Aug 2014 14:42:06 +0000
Subject: [PATCH] Make sure that pf_step_into_anchor always saves a pointer to
 the rule that owns the anchor on the pf anchor stack.  There's no reason why
 we should check for depth here.  As a side effect this makes sure that the
 correct nested anchor gets it's counter bumped instead of the top most.

For the save/restore symmetry pf_step_out_of_anchor is made to always
restore previous value of the anchor rule.  depth == 0 means what we a
at the top (main ruleset).

OK henning
---
 sys/net/pf.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/sys/net/pf.c b/sys/net/pf.c
index dae2d8b24da..b5fdc93ef4c 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf.c,v 1.884 2014/08/12 14:38:27 mikeb Exp $ */
+/*	$OpenBSD: pf.c,v 1.885 2014/08/12 14:42:06 mikeb Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -2668,7 +2668,7 @@ pf_step_into_anchor(int *depth, struct pf_ruleset **rs,
 		log(LOG_ERR, "pf_step_into_anchor: stack overflow\n");
 		*r = TAILQ_NEXT(*r, entries);
 		return;
-	} else if (*depth == 0 && a != NULL)
+	} else if (a != NULL)
 		*a = *r;
 	f = pf_anchor_stack + (*depth)++;
 	f->rs = *rs;
@@ -2713,6 +2713,8 @@ pf_step_out_of_anchor(int *depth, struct pf_ruleset **rs,
 		(*depth)--;
 		if (*depth == 0 && a != NULL)
 			*a = NULL;
+		else if (a != NULL)
+			*a = f->r;
 		*rs = f->rs;
 		if (*match > *depth) {
 			*match = *depth;
-- 
2.20.1