svn commit: r196362 - vendor-sys/pf/dist/net
Max Laier
mlaier at FreeBSD.org
Tue Aug 18 16:21:08 UTC 2009
Author: mlaier
Date: Tue Aug 18 16:21:07 2009
New Revision: 196362
URL: http://svn.freebsd.org/changeset/base/196362
Log:
Import 4.5-002 fix
Modified:
vendor-sys/pf/dist/net/pf.c
Modified: vendor-sys/pf/dist/net/pf.c
==============================================================================
--- vendor-sys/pf/dist/net/pf.c Tue Aug 18 16:16:48 2009 (r196361)
+++ vendor-sys/pf/dist/net/pf.c Tue Aug 18 16:21:07 2009 (r196362)
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.633 2009/02/16 00:31:25 dlg Exp $ */
+/* $OpenBSD: pf.c,v 1.634 2009/02/27 12:37:45 henning Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -5243,6 +5243,15 @@ pf_test(int dir, struct ifnet *ifp, stru
break;
}
+#ifdef INET6
+ case IPPROTO_ICMPV6: {
+ action = PF_DROP;
+ DPFPRINTF(PF_DEBUG_MISC,
+ ("pf: dropping IPv4 packet with ICMPv6 payload\n"));
+ goto done;
+ }
+#endif
+
default:
action = pf_test_state_other(&s, dir, kif, m, &pd);
if (action == PF_PASS) {
@@ -5597,6 +5606,13 @@ pf_test6(int dir, struct ifnet *ifp, str
break;
}
+ case IPPROTO_ICMP: {
+ action = PF_DROP;
+ DPFPRINTF(PF_DEBUG_MISC,
+ ("pf: dropping IPv6 packet with ICMPv4 payload\n"));
+ goto done;
+ }
+
case IPPROTO_ICMPV6: {
struct icmp6_hdr ih;
More information about the svn-src-vendor
mailing list