Author: melifaro Date: Tue Mar 10 20:30:21 2020 New Revision: 358858 URL: https://svnweb.freebsd.org/changeset/base/358858
Log: Don't assume !IPv6 is IPv4 in ipfw(8) add_src() and add_dst(). Submitted by: Neel Chauhan <neel AT neelc DOT org> MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D21812 Modified: head/sbin/ipfw/ipfw2.c Modified: head/sbin/ipfw/ipfw2.c ============================================================================== --- head/sbin/ipfw/ipfw2.c Tue Mar 10 20:25:36 2020 (r358857) +++ head/sbin/ipfw/ipfw2.c Tue Mar 10 20:30:21 2020 (r358858) @@ -3717,11 +3717,10 @@ add_src(ipfw_insn *cmd, char *av, u_char proto, int cb if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 || inet_pton(AF_INET6, host, &a) == 1) ret = add_srcip6(cmd, av, cblen, tstate); - /* XXX: should check for IPv4, not !IPv6 */ - if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 || - inet_pton(AF_INET6, host, &a) != 1)) + else if (proto == IPPROTO_IP || strcmp(av, "me") == 0 || + inet_pton(AF_INET, host, &a) == 1) ret = add_srcip(cmd, av, cblen, tstate); - if (ret == NULL && strcmp(av, "any") != 0) + else if (ret == NULL && strcmp(av, "any") != 0) ret = cmd; return ret; @@ -3748,11 +3747,10 @@ add_dst(ipfw_insn *cmd, char *av, u_char proto, int cb if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 || inet_pton(AF_INET6, host, &a) == 1) ret = add_dstip6(cmd, av, cblen, tstate); - /* XXX: should check for IPv4, not !IPv6 */ - if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 || - inet_pton(AF_INET6, host, &a) != 1)) + else if (proto == IPPROTO_IP || strcmp(av, "me") == 0 || + inet_pton(AF_INET, host, &a) == 1) ret = add_dstip(cmd, av, cblen, tstate); - if (ret == NULL && strcmp(av, "any") != 0) + else if (ret == NULL && strcmp(av, "any") != 0) ret = cmd; return ret; _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
