summaryrefslogtreecommitdiffstats
path: root/sys/netinet/ip_fw.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/netinet/ip_fw.c')
-rw-r--r--sys/netinet/ip_fw.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/sys/netinet/ip_fw.c b/sys/netinet/ip_fw.c
index b62f6d7..f006bc6 100644
--- a/sys/netinet/ip_fw.c
+++ b/sys/netinet/ip_fw.c
@@ -320,11 +320,13 @@ ip_fw_chk(struct ip **pip, int hlen,
continue;
/* If src-addr doesn't match, not this rule. */
- if ((src.s_addr & f->fw_smsk.s_addr) != f->fw_src.s_addr)
+ if ((f->fw_flg & IP_FW_F_INVSRC) != 0
+ ^ (src.s_addr & f->fw_smsk.s_addr) != f->fw_src.s_addr)
continue;
/* If dest-addr doesn't match, not this rule. */
- if ((dst.s_addr & f->fw_dmsk.s_addr) != f->fw_dst.s_addr)
+ if ((f->fw_flg & IP_FW_F_INVDST) != 0
+ ^ (dst.s_addr & f->fw_dmsk.s_addr) != f->fw_dst.s_addr)
continue;
/* If a i/f name was specified, and we don't know */
OpenPOWER on IntegriCloud