Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 10 Mar 2020 20:30:21 +0000 (UTC)
From:      "Alexander V. Chernikov" <melifaro@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r358858 - head/sbin/ipfw
Message-ID:  <202003102030.02AKUL0q031391@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: melifaro
Date: Tue Mar 10 20:30:21 2020
New Revision: 358858
URL: https://svnweb.freebsd.org/changeset/base/358858

Log:
  Don't assume !IPv6 is IPv4 in ipfw(8) add_src() and add_dst().
  
  Submitted by:	Neel Chauhan <neel AT neelc DOT org>
  MFC after:	2 weeks
  Differential Revision:	https://reviews.freebsd.org/D21812

Modified:
  head/sbin/ipfw/ipfw2.c

Modified: head/sbin/ipfw/ipfw2.c
==============================================================================
--- head/sbin/ipfw/ipfw2.c	Tue Mar 10 20:25:36 2020	(r358857)
+++ head/sbin/ipfw/ipfw2.c	Tue Mar 10 20:30:21 2020	(r358858)
@@ -3717,11 +3717,10 @@ add_src(ipfw_insn *cmd, char *av, u_char proto, int cb
 	if (proto == IPPROTO_IPV6  || strcmp(av, "me6") == 0 ||
 	    inet_pton(AF_INET6, host, &a) == 1)
 		ret = add_srcip6(cmd, av, cblen, tstate);
-	/* XXX: should check for IPv4, not !IPv6 */
-	if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
-	    inet_pton(AF_INET6, host, &a) != 1))
+	else if (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
+	    inet_pton(AF_INET, host, &a) == 1)
 		ret = add_srcip(cmd, av, cblen, tstate);
-	if (ret == NULL && strcmp(av, "any") != 0)
+	else if (ret == NULL && strcmp(av, "any") != 0)
 		ret = cmd;
 
 	return ret;
@@ -3748,11 +3747,10 @@ add_dst(ipfw_insn *cmd, char *av, u_char proto, int cb
 	if (proto == IPPROTO_IPV6  || strcmp(av, "me6") == 0 ||
 	    inet_pton(AF_INET6, host, &a) == 1)
 		ret = add_dstip6(cmd, av, cblen, tstate);
-	/* XXX: should check for IPv4, not !IPv6 */
-	if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
-	    inet_pton(AF_INET6, host, &a) != 1))
+	else if (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
+	    inet_pton(AF_INET, host, &a) == 1)
 		ret = add_dstip(cmd, av, cblen, tstate);
-	if (ret == NULL && strcmp(av, "any") != 0)
+	else if (ret == NULL && strcmp(av, "any") != 0)
 		ret = cmd;
 
 	return ret;

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202003102030.02AKUL0q031391>