From d1cb3383d631dd02638634df209ef466d4c4fcef Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Tue, 27 Mar 2018 08:20:22 +0200
Subject: [PATCH] ipfw: correctly restore shared forwarding info

Many thanks to everyone testing, prodding and pushing for this!  :)

PR: https://github.com/opnsense/core/issues/1900
---
 sys/netpfil/ipfw/ip_fw_pfil.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/sys/netpfil/ipfw/ip_fw_pfil.c b/sys/netpfil/ipfw/ip_fw_pfil.c
index dd7071fd52e..de5e88083cb 100644
--- a/sys/netpfil/ipfw/ip_fw_pfil.c
+++ b/sys/netpfil/ipfw/ip_fw_pfil.c
@@ -46,6 +46,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/sysctl.h>
 
 #include <net/if.h>
+#include <net/if_var.h>
 #include <net/route.h>
 #include <net/ethernet.h>
 #include <net/pfil.h>
@@ -124,6 +125,7 @@ ipfw_check_packet(void *arg, struct mbuf **m0, struct ifnet *ifp, int dir,
 {
 	struct ip_fw_args args;
 	struct m_tag *tag;
+	u_short ifidx;
 	int ipfw;
 	int ret;
 
@@ -131,6 +133,17 @@ ipfw_check_packet(void *arg, struct mbuf **m0, struct ifnet *ifp, int dir,
 	dir = (dir == PFIL_IN) ? DIR_IN : DIR_OUT;
 	bzero(&args, sizeof(args));
 
+	/* restore the correct forwarding interface */
+	if (dir == DIR_OUT && IP_HAS_NEXTHOP(*m0) &&
+	    !ip_get_fwdtag(*m0, NULL, &ifidx)) {
+		if (ifidx != 0) {
+			struct ifnet *nifp = ifnet_byindex(ifidx);
+			if (nifp != NULL) {
+				ifp = nifp;
+			}
+		}
+	}
+
 again:
 	/*
 	 * extract and remove the tag if present. If we are left