diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_fw2.c
index 99d3a9c58cb..0f9badd08a0 100644
--- a/sys/netpfil/ipfw/ip_fw2.c
+++ b/sys/netpfil/ipfw/ip_fw2.c
@@ -186,6 +186,10 @@ ipfw_nat_cfg_t *ipfw_nat_del_ptr;
ipfw_nat_cfg_t *ipfw_nat_get_cfg_ptr;
ipfw_nat_cfg_t *ipfw_nat_get_log_ptr;
+VNET_DEFINE(ipfw_hook_t, hook_state) = NULL;
+VNET_DEFINE(ipfw_hook_t, sync_state) = NULL;
+VNET_DEFINE(ipfw_hook_t, sync_alias) = NULL;
+
#ifdef SYSCTL_NODE
uint32_t dummy_def = IPFW_DEFAULT_RULE;
static int sysctl_ipfw_table_num(SYSCTL_HANDLER_ARGS);
@@ -2866,6 +2870,9 @@ do { \
if (cmd->opcode == O_CHECK_STATE)
l = 0; /* exit inner loop */
match = 1;
+
+ if (cmd->opcode == O_CHECK_STATE && V_sync_state)
+ V_sync_state(NULL, NULL);
break;
case O_SKIP_ACTION:
@@ -3200,6 +3207,9 @@ do { \
* non IPv4 packets. Libalias expects only IPv4.
*/
if (!is_ipv4 || !IPFW_NAT_LOADED) {
+ /* purge waiting aliases for sync */
+ if (V_sync_alias)
+ V_sync_alias(NULL, NULL);
retval = IP_FW_DENY;
break;
}
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>