ip_state.c: is->is_sport = htons(fin->fin_data[0]);
ip_state.c: is->is_sport = htons(fin->fin_data[0]);
ip_state.c: is->is_sport = sp;
ip_state.c: is->is_sport = dp;
I fixed the inconsistency the the tcp != NULL case, but that's cosmetic.
christos
Sorry, the reason I think this is a problem, comparing same value (is->is_sport or is->dport) to
sp (htons) or dp (ntohs).
--------
if (tcp != NULL) {
sp = htons(fin->fin_sport);
dp = ntohs(fin->fin_dport);
}
…
/*
* Match addresses and ports.
*/
if (rev == 0) {
if ((IP6_EQ(&is->is_dst, dst) || (flags & SI_W_DADDR)) &&
(IP6_EQ(&is->is_src, src) || (flags & SI_W_SADDR))) {
if (tcp) {
if ((sp == is->is_sport || flags & SI_W_SPORT) <-------
&&
(dp == is->is_dport || flags & SI_W_DPORT)) <-------
ret = 1;
} else {
ret = 1;
}
}
} else {
if ((IP6_EQ(&is->is_dst, src) || (flags & SI_W_DADDR)) &&
(IP6_EQ(&is->is_src, dst) || (flags & SI_W_SADDR))) {
if (tcp) {
if ((dp == is->is_sport || flags & SI_W_SPORT) <-------
&&
(sp == is->is_dport || flags & SI_W_DPORT)) <-------
ret = 1;
} else {
ret = 1;
}
}
}
--------
Wednesday, April 15, 2020 7:20 PM +09:00 from gnats-admin%netbsd.org@localhost:
Thank you very much for your problem report.
It has the internal identification `kern/55179'.
The individual assigned to look at your
report is: kern-bug-people.
>Category: kern
>Responsible: kern-bug-people
>Synopsis: ipfilter ip_state.c's problem
>Arrival-Date: Wed Apr 15 10:20:00 +0000 2020
--
Kouichi Hashikawa <hashikaw%mail.ru@localhost>