Subject: Re: bin/26413 (ipf parsing corrupts lines it sends to kernel)
To: None <darrenr@netbsd.org, gnats-admin@netbsd.org,>
From: Darren Reed <darrenr@NetBSD.org>
List: netbsd-bugs
Date: 12/09/2005 06:00:05
The following reply was made to PR bin/26413; it has been noted by GNATS.
From: Darren Reed <darrenr@NetBSD.org>
To: gnats-bugs@netbsd.org
Cc: gcw@primenet.com.au
Subject: Re: bin/26413 (ipf parsing corrupts lines it sends to kernel)
Date: Fri, 9 Dec 2005 05:56:15 +0000
The patch below should help this problem.
Darren
Index: lib/getport.c
===================================================================
RCS file: /devel/CVS/IP-Filter/lib/getport.c,v
retrieving revision 1.1.4.3
diff -c -r1.1.4.3 getport.c
*** lib/getport.c 21 Feb 2005 05:05:31 -0000 1.1.4.3
--- lib/getport.c 8 Dec 2005 07:53:18 -0000
***************
*** 18,23 ****
--- 18,38 ----
return -1;
}
+ /*
+ * Some people will use port names in rules without specifying
+ * either TCP or UDP because it is implied by the group head.
+ */
+ if (fr->fr_proto == 0) {
+ s = getservbyname(name, "tcp");
+ if (s == NULL) {
+ s = getservbyname(name, "udp");
+ if (s == NULL)
+ return -1;
+ }
+ *port = s->s_port;
+ return 0;
+ }
+
if ((fr->fr_flx & FI_TCPUDP) != 0) {
/*
* If a rule is "tcp/udp" then check that both TCP and UDP