Fix pf for ${OSVERSION} >= 501114, i.e. the 5.2 freeze point, when andre@'s

tcp hostcache changes took place.

2 files changed, 26 insertions, 0 deletions

diff --git a/security/pf/Makefile b/security/pf/Makefile
index e4f9c551c42d..3e3aeaff2596 100644
--- a/security/pf/Makefile
+++ b/security/pf/Makefile
@@ -50,6 +50,10 @@ PLIST_SUB+=	WITH_ALTQ="@comment "
 IGNORE=		"Only for 5.0 and above"
 .endif
 
+.if ${OSVERSION} >= 501114
+EXTRA_PATCHES+=	${PATCHDIR}/extra-patch-pf::pf.c
+.endif
+
 .if !exists(${SRC_BASE}/sys/Makefile) && \
     (defined(WITH_ALTQ) && !exists(${SYS_ALTQ}/Makefile))
 IGNORE=		"Kernel source files required"
diff --git a/security/pf/files/extra-patch-pf::pf.c b/security/pf/files/extra-patch-pf::pf.c
new file mode 100644
index 000000000000..30be4db7683e
--- /dev/null
+++ b/security/pf/files/extra-patch-pf::pf.c
@@ -0,0 +1,22 @@
+Update pf to be more in line with current TCP stack behaviour at
+5.2 code freeze point after andre's initial commit to decouple
+protocol-level stats from routing. --  bms@FreeBSD.org
+
+--- pf/pf.c.orig	Wed Nov 19 11:51:34 2003
++++ pf/pf.c	Wed Nov 19 11:53:42 2003
+@@ -1376,14 +1376,10 @@
+ 		 */
+ 		NTOHS(ip->ip_len);
+ 		NTOHS(ip->ip_off);
+-		ip_rtaddr(ip->ip_dst, &ro);
+ 		PF_UNLOCK();
+-		ip_output(m, (void *)NULL, &ro, 0, (void *)NULL,
++		ip_output(m, (void *)NULL, (void *)NULL, 0, (void *)NULL,
+ 			(void *)NULL);
+ 		PF_LOCK();
+-		if(ro.ro_rt) {
+-			RTFREE(ro.ro_rt);
+-		}
+ #else
+ 		ip_output(m, (void *)NULL, (void *)NULL, 0, (void *)NULL,
+ 		    (void *)NULL);