Date: Mon, 14 Apr 2003 17:07:53 +0200 (CEST) From: Rene de Vries <rene@tunix.nl> To: FreeBSD-gnats-submit@FreeBSD.org Cc: darrenr@FreeBSD.org Subject: kern/50948: BUG: @0 does not insert at the beginning of the list Message-ID: <200304141507.h3EF7rd1072816@upsilix.tunix.nl> Resent-Message-ID: <200304141510.h3EFABlS094898@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 50948
>Category: kern
>Synopsis: BUG: @0 does not insert at the beginning of the list
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Apr 14 08:10:11 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Rene de Vries
>Release: FreeBSD 4.7-RELEASE-p3 i386/FreeBSD 5.0-20030414 i386
>Organization:
Tunix Internet Security & Training
>Environment:
FreeBSD 4.7-RELEASE-p3 i386/FreeBSD 5.0-20030414 i386
IPFilter 3.4.29/3.4.31
>Description:
In previous versions of ip_filter "@0" used to insert a line
at the beginning of the set.
The current version simply leaves the line as it would have
been without "@0". The bug is triggered by the fact that
fr_hist is used both as a counter and as a boolean.
>How-To-Repeat:
Filter rules:
log in on lo0 from any to 192.168.1.1
log in on lo0 from any to 192.168.1.2
log in on lo0 from any to 192.168.1.3
@0 log in on lo0 from any to 192.168.2.1
@0 log in on lo0 from any to 192.168.2.2
@0 log in on lo0 from any to 192.168.2.3
ipfstat -i (before fix):
log in on lo0 from any to 192.168.1.1
log in on lo0 from any to 192.168.1.2
log in on lo0 from any to 192.168.1.3
log in on lo0 from any to 192.168.2.1
log in on lo0 from any to 192.168.2.2
log in on lo0 from any to 192.168.2.3
ipfstat -i should then be:
log in on lo0 from any to 192.168.2.3
log in on lo0 from any to 192.168.2.2
log in on lo0 from any to 192.168.2.1
log in on lo0 from any to 192.168.1.1
log in on lo0 from any to 192.168.1.2
log in on lo0 from any to 192.168.1.3
>Fix:
Diff against FreeBSD 5 (current as of 14 Apr 2003)
Index: sys/contrib/ipfilter/netinet/ip_fil.c
===================================================================
RCS file: /home/fbsd-cvsrepo/src/sys/contrib/ipfilter/netinet/ip_fil.c,v
retrieving revision 1.38
diff -u -r1.38 ip_fil.c
--- sys/contrib/ipfilter/netinet/ip_fil.c 19 Feb 2003 05:47:00 -0000 1.38
+++ sys/contrib/ipfilter/netinet/ip_fil.c 14 Apr 2003 13:39:40 -0000
@@ -1025,8 +1025,8 @@
while ((f = *ftail))
ftail = &f->fr_next;
else {
+ ftail = fprev;
if (fp->fr_hits) {
- ftail = fprev;
while (--fp->fr_hits && (f = *ftail))
ftail = &f->fr_next;
}
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200304141507.h3EF7rd1072816>