svn commit: r303850 - stable/10/sys/netpfil/pf
Kristof Provost
kp at FreeBSD.org
Mon Aug 8 19:44:14 UTC 2016
Author: kp
Date: Mon Aug 8 19:44:13 2016
New Revision: 303850
URL: https://svnweb.freebsd.org/changeset/base/303850
Log:
MFC r290521:
pf: Fix broken rule skip calculation
r289932 accidentally broke the rule skip calculation. The address family
argument to PF_ANEQ() is now important, and because it was set to 0 the macro
always evaluated to false.
This resulted in incorrect skip values, which in turn broke the rule
evaluations.
Modified:
stable/10/sys/netpfil/pf/pf.c
Directory Properties:
stable/10/ (props changed)
Modified: stable/10/sys/netpfil/pf/pf.c
==============================================================================
--- stable/10/sys/netpfil/pf/pf.c Mon Aug 8 19:43:07 2016 (r303849)
+++ stable/10/sys/netpfil/pf/pf.c Mon Aug 8 19:44:13 2016 (r303850)
@@ -1985,9 +1985,9 @@ pf_addr_wrap_neq(struct pf_addr_wrap *aw
switch (aw1->type) {
case PF_ADDR_ADDRMASK:
case PF_ADDR_RANGE:
- if (PF_ANEQ(&aw1->v.a.addr, &aw2->v.a.addr, 0))
+ if (PF_ANEQ(&aw1->v.a.addr, &aw2->v.a.addr, AF_INET6))
return (1);
- if (PF_ANEQ(&aw1->v.a.mask, &aw2->v.a.mask, 0))
+ if (PF_ANEQ(&aw1->v.a.mask, &aw2->v.a.mask, AF_INET6))
return (1);
return (0);
case PF_ADDR_DYNIFTL:
More information about the svn-src-stable
mailing list