Date: Thu, 7 Jan 2010 12:00:54 +0000 (UTC) From: Luigi Rizzo <luigi@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r201740 - head/sys/netinet/ipfw Message-ID: <201001071200.o07C0sKR044093@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: luigi Date: Thu Jan 7 12:00:54 2010 New Revision: 201740 URL: http://svn.freebsd.org/changeset/base/201740 Log: check that we have an ipv4 packet before swapping ip_len and ip_off. This should fix the handling of ipv6 packets which i broke when i made ipfw operate on packets in network format. Reported by: Hajimu UMEMOTO Modified: head/sys/netinet/ipfw/ip_fw_pfil.c Modified: head/sys/netinet/ipfw/ip_fw_pfil.c ============================================================================== --- head/sys/netinet/ipfw/ip_fw_pfil.c Thu Jan 7 11:54:36 2010 (r201739) +++ head/sys/netinet/ipfw/ip_fw_pfil.c Thu Jan 7 12:00:54 2010 (r201740) @@ -104,7 +104,8 @@ ipfw_check_hook(void *arg, struct mbuf * int ret; /* all the processing now uses ip_len in net format */ - SET_NET_IPLEN(mtod(*m0, struct ip *)); + if (mtod(*m0, struct ip *)->ip_v == 4) + SET_NET_IPLEN(mtod(*m0, struct ip *)); /* convert dir to IPFW values */ dir = (dir == PFIL_IN) ? DIR_IN : DIR_OUT; @@ -236,7 +237,7 @@ again: FREE_PKT(*m0); *m0 = NULL; } - if (*m0) + if (*m0 && mtod(*m0, struct ip *)->ip_v == 4) SET_HOST_IPLEN(mtod(*m0, struct ip *)); return ret; }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201001071200.o07C0sKR044093>