diff options
author | darrenr <darrenr@FreeBSD.org> | 2007-11-26 08:18:19 +0000 |
---|---|---|
committer | darrenr <darrenr@FreeBSD.org> | 2007-11-26 08:18:19 +0000 |
commit | 6e334a7949e00c1ee13db3a2e1186fc7eae085da (patch) | |
tree | bfcb9e54ebbf225df6ae2929f13c40d92abb1e0c /sys/contrib/ipfilter/netinet/ip_fil_freebsd.c | |
parent | 7cd7e3058ec442f15961ddc99d9bbc834146c8af (diff) | |
download | FreeBSD-src-6e334a7949e00c1ee13db3a2e1186fc7eae085da.zip FreeBSD-src-6e334a7949e00c1ee13db3a2e1186fc7eae085da.tar.gz |
Fix 3 issues relating to the use of "auth" rules in IPFilter, from sourceforge:
1837014 Kernel panics after authentication of an outgoing packet
1836992 Potential bugs in packet auth code (w/patches)
1836967 Kernel panic when using auth rule with keep state
and another reported only to FreeBSD by Andiry (see PR)
PR: kern/118251
Submitted by: Andriy Syrovenko <andriys@gmail.com>
Reviewed by: darrenr
MFC after: 5 days
Diffstat (limited to 'sys/contrib/ipfilter/netinet/ip_fil_freebsd.c')
-rw-r--r-- | sys/contrib/ipfilter/netinet/ip_fil_freebsd.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c b/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c index 0f39afa..4a279fa 100644 --- a/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c +++ b/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c @@ -1518,6 +1518,8 @@ mb_t *m; } #endif } else { + fin->fin_ip->ip_len = ntohs(fin->fin_ip->ip_len); + fin->fin_ip->ip_off = ntohs(fin->fin_ip->ip_off); #if (__FreeBSD_version >= 470102) error = ip_output(m, NULL, NULL, IP_FORWARDING, NULL, NULL); #else |