CVS commit: src/sys/dist/pf/net

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/sys/dist/pf/net
From: Peter Postma <peter%netbsd.org@localhost>
Date: Mon, 14 Feb 2005 21:27:27 +0000 (UTC)

Module Name:    src
Committed By:   peter
Date:           Mon Feb 14 21:27:26 UTC 2005

Modified Files:
        src/sys/dist/pf/net: pf.c

Log Message:
Merge in a fix from OPENBSD_3_6.
ok yamt@

> MFC:
> Fix by dhartmei@
>
> ICMP state entries use the ICMP ID as port for the unique state key. When
> checking for a usable key, construct the key in the same way. Otherwise,
> a colliding key might be missed or a state insertion might be refused even
> though it could be inserted. The second case triggers the endless loop
> fixed by 1.474, possibly allowing a NATed LAN client to lock up the kernel.
> Report and test data by Srebrenko Sehic.


To generate a diff of this commit:
cvs rdiff -r1.11 -r1.12 src/sys/dist/pf/net/pf.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/bin/sh
Next by Date: CVS commit: src/sys/dist/pf/net
Previous by Thread: CVS commit: src/bin/sh
Next by Thread: CVS commit: src/sys/dist/pf/net
Indexes:

Home | Main Index | Thread Index | Old Index