svn commit: r305738 - releng/11.0/sys/netpfil/ipfw
Andrey V. Elsukov
ae at FreeBSD.org
Mon Sep 12 15:57:36 UTC 2016
Author: ae
Date: Mon Sep 12 15:57:35 2016
New Revision: 305738
URL: https://svnweb.freebsd.org/changeset/base/305738
Log:
Merge from stable/11 r304415,304419 (by oleg):
Fix command: ipfw set (enable|disable) N (where N > 4).
PR: 212595
Approved by: re (kib)
Modified:
releng/11.0/sys/netpfil/ipfw/ip_fw_sockopt.c
Directory Properties:
releng/11.0/ (props changed)
Modified: releng/11.0/sys/netpfil/ipfw/ip_fw_sockopt.c
==============================================================================
--- releng/11.0/sys/netpfil/ipfw/ip_fw_sockopt.c Mon Sep 12 14:28:38 2016 (r305737)
+++ releng/11.0/sys/netpfil/ipfw/ip_fw_sockopt.c Mon Sep 12 15:57:35 2016 (r305738)
@@ -1414,8 +1414,10 @@ manage_sets(struct ip_fw_chain *chain, i
if (rh->range.head.length != sizeof(ipfw_range_tlv))
return (1);
- if (rh->range.set >= IPFW_MAX_SETS ||
- rh->range.new_set >= IPFW_MAX_SETS)
+ /* enable_sets() expects bitmasks. */
+ if (op3->opcode != IP_FW_SET_ENABLE &&
+ (rh->range.set >= IPFW_MAX_SETS ||
+ rh->range.new_set >= IPFW_MAX_SETS))
return (EINVAL);
ret = 0;
More information about the svn-src-all
mailing list