1: diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_fw2.c
2: index 99d3a9c58cb..0f9badd08a0 100644
3: --- a/sys/netpfil/ipfw/ip_fw2.c
4: +++ b/sys/netpfil/ipfw/ip_fw2.c
5: @@ -186,6 +186,10 @@ ipfw_nat_cfg_t *ipfw_nat_del_ptr;
6: ipfw_nat_cfg_t *ipfw_nat_get_cfg_ptr;
7: ipfw_nat_cfg_t *ipfw_nat_get_log_ptr;
8:
9: +VNET_DEFINE(ipfw_hook_t, hook_state) = NULL;
10: +VNET_DEFINE(ipfw_hook_t, sync_state) = NULL;
11: +VNET_DEFINE(ipfw_hook_t, sync_alias) = NULL;
12: +
13: #ifdef SYSCTL_NODE
14: uint32_t dummy_def = IPFW_DEFAULT_RULE;
15: static int sysctl_ipfw_table_num(SYSCTL_HANDLER_ARGS);
16: @@ -2866,6 +2870,9 @@ do { \
17: if (cmd->opcode == O_CHECK_STATE)
18: l = 0; /* exit inner loop */
19: match = 1;
20: +
21: + if (cmd->opcode == O_CHECK_STATE && V_sync_state)
22: + V_sync_state(NULL, NULL);
23: break;
24:
25: case O_SKIP_ACTION:
26: @@ -3200,6 +3207,9 @@ do { \
27: * non IPv4 packets. Libalias expects only IPv4.
28: */
29: if (!is_ipv4 || !IPFW_NAT_LOADED) {
30: + /* purge waiting aliases for sync */
31: + if (V_sync_alias)
32: + V_sync_alias(NULL, NULL);
33: retval = IP_FW_DENY;
34: break;
35: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>