From ee0b7276372ebe07cd231b55d42ab3a4200f53c0 Mon Sep 17 00:00:00 2001 From: Kristof Provost Date: Thu, 5 Oct 2023 16:57:50 +0200 Subject: [PATCH] pf: fix SCTP SDT probe We want the return value of pf_test_rule(), i.e. the result of the evaluation of the new state, not the result of the evaluation of the original packet/state. MFC after: 1 week Sponsored by: Orange Business Services (cherry picked from commit b00dbe851c66f26a16219d31c76b7fb411ace94c) --- sys/netpfil/pf/pf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index fae0bd2854f..3dddfdd0b1a 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -5943,7 +5943,7 @@ pf_sctp_multihome_delayed(struct pf_pdesc *pd, int off, struct pfi_kkif *kif, ret = pf_test_rule(&r, &sm, kif, j->m, off, &j->pd, &ra, &rs, NULL); PF_RULES_RUNLOCK(); - SDT_PROBE4(pf, sctp, multihome, test, kif, r, j->m, action); + SDT_PROBE4(pf, sctp, multihome, test, kif, r, j->m, ret); if (sm) { /* Inherit v_tag values. */ sm->src.scrub->pfss_v_tag = s->src.scrub->pfss_flags;