From owner-cvs-src@FreeBSD.ORG Mon Dec 13 08:02:37 2004 Return-Path: Delivered-To: cvs-src@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B0F8116A4CE; Mon, 13 Dec 2004 08:02:37 +0000 (GMT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8A71043D3F; Mon, 13 Dec 2004 08:02:37 +0000 (GMT) (envelope-from dhartmei@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id iBD82b2B019365; Mon, 13 Dec 2004 08:02:37 GMT (envelope-from dhartmei@repoman.freebsd.org) Received: (from dhartmei@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id iBD82bPj019364; Mon, 13 Dec 2004 08:02:37 GMT (envelope-from dhartmei) Message-Id: <200412130802.iBD82bPj019364@repoman.freebsd.org> From: Daniel Hartmeier Date: Mon, 13 Dec 2004 08:02:37 +0000 (UTC) To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org X-FreeBSD-CVS-Branch: RELENG_5 Subject: cvs commit: src/sys/contrib/pf/net pf.c X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Dec 2004 08:02:37 -0000 dhartmei 2004-12-13 08:02:37 UTC FreeBSD src repository Modified files: (Branch: RELENG_5) sys/contrib/pf/net pf.c Log: MFC: IPv6 packets can contain headers (like options) before the TCP/UDP/ ICMP6 header. pf finds the first TCP/UDP/ICMP6 header to filter by traversing the header chain. In the case where headers are skipped, the protocol checksum verification used the wrong length (included the skipped headers), leading to incorrectly mismatching checksums. Such IPv6 packets with headers were silently dropped. Revision Changes Path 1.18.2.5 +7 -4 src/sys/contrib/pf/net/pf.c