FreeBSD Mail Archives

Date:      Fri, 15 Aug 2014 04:35:35 +0000 (UTC)
From:      Gleb Smirnoff <glebius@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r270010 - head/sys/netpfil/pf
Message-ID:  <201408150435.s7F4ZZCK019240@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help

Author: glebius
Date: Fri Aug 15 04:35:34 2014
New Revision: 270010
URL: http://svnweb.freebsd.org/changeset/base/270010

Log:
  Fix synproxy with IPv6. pf_test6() was missing a check for M_SKIP_FIREWALL.
  
  PR:		127920
  Submitted by:	Kajetan Staszkiewicz <vegeta tuxpowered.net>
  Sponsored by:	InnoGames GmbH

Modified:
  head/sys/netpfil/pf/pf.c

Modified: head/sys/netpfil/pf/pf.c
==============================================================================
--- head/sys/netpfil/pf/pf.c	Fri Aug 15 03:52:40 2014	(r270009)
+++ head/sys/netpfil/pf/pf.c	Fri Aug 15 04:35:34 2014	(r270010)
@@ -6066,6 +6066,9 @@ pf_test6(int dir, struct ifnet *ifp, str
 	if (kif->pfik_flags & PFI_IFLAG_SKIP)
 		return (PF_PASS);
 
+	if (m->m_flags & M_SKIP_FIREWALL)
+		return (PF_PASS);
+
 	PF_RULES_RLOCK();
 
 	/* We do IP header normalization and packet reassembly here */

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201408150435.s7F4ZZCK019240>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation