summaryrefslogtreecommitdiffstats
path: root/sys/contrib
diff options
context:
space:
mode:
authordarrenr <darrenr@FreeBSD.org>2008-07-26 19:46:00 +0000
committerdarrenr <darrenr@FreeBSD.org>2008-07-26 19:46:00 +0000
commitc85943e33bb3ab8bad591d4c718ec2870992a844 (patch)
tree4309fe0201163cf9113210620d6c63a82d6c0f70 /sys/contrib
parent7f7c185d6ba591c737dba1e9e1b4148a1b4a1a32 (diff)
downloadFreeBSD-src-c85943e33bb3ab8bad591d4c718ec2870992a844.zip
FreeBSD-src-c85943e33bb3ab8bad591d4c718ec2870992a844.tar.gz
2020447 IPFilter's NAT can undo name server random port selection
(fix output port range, was a random number in [0,max-min] (byteswapped on litle endian), instead of [min,max]) Submitted by: darrenr
Diffstat (limited to 'sys/contrib')
-rw-r--r--sys/contrib/ipfilter/netinet/ip_nat.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/sys/contrib/ipfilter/netinet/ip_nat.c b/sys/contrib/ipfilter/netinet/ip_nat.c
index 8b227e0..d6f0b55 100644
--- a/sys/contrib/ipfilter/netinet/ip_nat.c
+++ b/sys/contrib/ipfilter/netinet/ip_nat.c
@@ -2033,11 +2033,13 @@ natinfo_t *ni;
* Standard port translation. Select next port.
*/
if (np->in_flags & IPN_SEQUENTIAL) {
- port = htons(np->in_pnext);
+ port = np->in_pnext;
} else {
port = ipf_random() % (ntohs(np->in_pmax) -
ntohs(np->in_pmin));
+ port += ntohs(np->in_pmin);
}
+ port = htons(port);
np->in_pnext++;
if (np->in_pnext > ntohs(np->in_pmax)) {
OpenPOWER on IntegriCloud