Fix 3 issues relating to the use of "auth" rules in IPFilter, from sourceforge:

1837014 Kernel panics after authentication of an outgoing packet 1836992 Potential bugs in packet auth code (w/patches) 1836967 Kernel panic when using auth rule with keep state and another reported only to FreeBSD by Andiry (see PR) PR: kern/118251 Submitted by: Andriy Syrovenko <andriys@gmail.com> Reviewed by: darrenr MFC after: 5 days
author: darrenr <darrenr@FreeBSD.org> 2007-11-26 08:18:19 +0000
committer: darrenr <darrenr@FreeBSD.org> 2007-11-26 08:18:19 +0000
commit: 6e334a7949e00c1ee13db3a2e1186fc7eae085da (patch)
tree: bfcb9e54ebbf225df6ae2929f13c40d92abb1e0c /sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
parent: 7cd7e3058ec442f15961ddc99d9bbc834146c8af (diff)
download: FreeBSD-src-6e334a7949e00c1ee13db3a2e1186fc7eae085da.zip
FreeBSD-src-6e334a7949e00c1ee13db3a2e1186fc7eae085da.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c b/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
index 0f39afa..4a279fa 100644
--- a/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
+++ b/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
@@ -1518,6 +1518,8 @@ mb_t *m;
 		}
 #endif
 	} else {
+		fin->fin_ip->ip_len = ntohs(fin->fin_ip->ip_len);
+		fin->fin_ip->ip_off = ntohs(fin->fin_ip->ip_off);
 #if (__FreeBSD_version >= 470102)
 		error = ip_output(m, NULL, NULL, IP_FORWARDING, NULL, NULL);
 #else
author	darrenr <darrenr@FreeBSD.org>	2007-11-26 08:18:19 +0000
committer	darrenr <darrenr@FreeBSD.org>	2007-11-26 08:18:19 +0000
commit	6e334a7949e00c1ee13db3a2e1186fc7eae085da (patch)
tree	bfcb9e54ebbf225df6ae2929f13c40d92abb1e0c /sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
parent	7cd7e3058ec442f15961ddc99d9bbc834146c8af (diff)
download	FreeBSD-src-6e334a7949e00c1ee13db3a2e1186fc7eae085da.zip FreeBSD-src-6e334a7949e00c1ee13db3a2e1186fc7eae085da.tar.gz