summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorcy <cy@FreeBSD.org>2014-10-12 16:51:02 +0000
committercy <cy@FreeBSD.org>2014-10-12 16:51:02 +0000
commitba88b262c38669d8a3bdcaabe6684fd192d2540e (patch)
treedf974223190f27d5f5dd0bcb7761df3e3bae9480
parente95de0dcc58409e4c25981fc2d16ac1ddd56b270 (diff)
downloadFreeBSD-src-ba88b262c38669d8a3bdcaabe6684fd192d2540e.zip
FreeBSD-src-ba88b262c38669d8a3bdcaabe6684fd192d2540e.tar.gz
MFC r271972
Fix ipfilter bug #536 ipnat can try to print rule as dstlist incorrectly. Obtained from: ipfilter CVS repo (r1.14), netbsd CVS repo (r1.3)
-rw-r--r--contrib/ipfilter/lib/printnat.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/contrib/ipfilter/lib/printnat.c b/contrib/ipfilter/lib/printnat.c
index 37a7e12..a94d4ee 100644
--- a/contrib/ipfilter/lib/printnat.c
+++ b/contrib/ipfilter/lib/printnat.c
@@ -153,7 +153,8 @@ printnat(np, opts)
} else if (np->in_redir & NAT_REWRITE) {
PRINTF(" -> src ");
- if (np->in_nsrc.na_type == IPLT_DSTLIST) {
+ if (np->in_nsrc.na_atype == FRI_LOOKUP &&
+ np->in_nsrc.na_type == IPLT_DSTLIST) {
PRINTF("dstlist/");
if (np->in_nsrc.na_subtype == 0)
PRINTF("%d", np->in_nsrc.na_num);
@@ -174,7 +175,8 @@ printnat(np, opts)
}
}
PRINTF(" dst ");
- if (np->in_ndst.na_type == IPLT_DSTLIST) {
+ if (np->in_ndst.na_atype == FRI_LOOKUP &&
+ np->in_ndst.na_type == IPLT_DSTLIST) {
PRINTF("dstlist/");
if (np->in_ndst.na_subtype == 0)
PRINTF("%d", np->in_nsrc.na_num);
OpenPOWER on IntegriCloud