d697e40372
Apply OpenBSD src/sys/net/pf.c rev 1.486 and 1.487: 1.486: When synproxy sends packets to the destination host, make sure to copy the 'tag' from the original state entry into the outgoing mbuf. 1.487: When synproxy completes the replayed handshake and modifies the state into a normal one, it sets both peers' sequence windows. Fix a bug where the previously advertised windows are applied to the wrong side (i.e. peer A's seqhi is peer A's seqlo plus peer B's, not A's, window). This went undetected because mostly the windows are similar and/or re- advertised soon. But there are (rare) cases where a synproxy'd connection would stall right after handshake. Found by Gleb Smirnoff. |
||
|---|---|---|
| .. | ||
| acpica | ||
| ipf/netinet | ||
| pf/net | ||