svn commit: r358858 - head/sbin/ipfw
Alexander V. Chernikov
melifaro at FreeBSD.org
Tue Mar 10 20:30:22 UTC 2020
Author: melifaro
Date: Tue Mar 10 20:30:21 2020
New Revision: 358858
URL: https://svnweb.freebsd.org/changeset/base/358858
Log:
Don't assume !IPv6 is IPv4 in ipfw(8) add_src() and add_dst().
Submitted by: Neel Chauhan <neel AT neelc DOT org>
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D21812
Modified:
head/sbin/ipfw/ipfw2.c
Modified: head/sbin/ipfw/ipfw2.c
==============================================================================
--- head/sbin/ipfw/ipfw2.c Tue Mar 10 20:25:36 2020 (r358857)
+++ head/sbin/ipfw/ipfw2.c Tue Mar 10 20:30:21 2020 (r358858)
@@ -3717,11 +3717,10 @@ add_src(ipfw_insn *cmd, char *av, u_char proto, int cb
if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 ||
inet_pton(AF_INET6, host, &a) == 1)
ret = add_srcip6(cmd, av, cblen, tstate);
- /* XXX: should check for IPv4, not !IPv6 */
- if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
- inet_pton(AF_INET6, host, &a) != 1))
+ else if (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
+ inet_pton(AF_INET, host, &a) == 1)
ret = add_srcip(cmd, av, cblen, tstate);
- if (ret == NULL && strcmp(av, "any") != 0)
+ else if (ret == NULL && strcmp(av, "any") != 0)
ret = cmd;
return ret;
@@ -3748,11 +3747,10 @@ add_dst(ipfw_insn *cmd, char *av, u_char proto, int cb
if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 ||
inet_pton(AF_INET6, host, &a) == 1)
ret = add_dstip6(cmd, av, cblen, tstate);
- /* XXX: should check for IPv4, not !IPv6 */
- if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
- inet_pton(AF_INET6, host, &a) != 1))
+ else if (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
+ inet_pton(AF_INET, host, &a) == 1)
ret = add_dstip(cmd, av, cblen, tstate);
- if (ret == NULL && strcmp(av, "any") != 0)
+ else if (ret == NULL && strcmp(av, "any") != 0)
ret = cmd;
return ret;
More information about the svn-src-all
mailing list