From owner-svn-src-head@FreeBSD.ORG Tue Apr 14 14:43:43 2015 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3A4A4CC9; Tue, 14 Apr 2015 14:43:43 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 255CDC08; Tue, 14 Apr 2015 14:43:43 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t3EEhh00018439; Tue, 14 Apr 2015 14:43:43 GMT (envelope-from gnn@FreeBSD.org) Received: (from gnn@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t3EEhhUG018438; Tue, 14 Apr 2015 14:43:43 GMT (envelope-from gnn@FreeBSD.org) Message-Id: <201504141443.t3EEhhUG018438@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: gnn set sender to gnn@FreeBSD.org using -f From: "George V. Neville-Neil" Date: Tue, 14 Apr 2015 14:43:42 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r281529 - head/sys/netpfil/pf X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Apr 2015 14:43:43 -0000 Author: gnn Date: Tue Apr 14 14:43:42 2015 New Revision: 281529 URL: https://svnweb.freebsd.org/changeset/base/281529 Log: I can find no reason to allow packets with both SYN and FIN bits set past this point in the code. The packet should be dropped and not massaged as it is here. Differential Revision: https://reviews.freebsd.org/D2266 Submitted by: eri Sponsored by: Rubicon Communications (Netgate) Modified: head/sys/netpfil/pf/pf_norm.c Modified: head/sys/netpfil/pf/pf_norm.c ============================================================================== --- head/sys/netpfil/pf/pf_norm.c Tue Apr 14 14:22:34 2015 (r281528) +++ head/sys/netpfil/pf/pf_norm.c Tue Apr 14 14:43:42 2015 (r281529) @@ -1643,7 +1643,7 @@ pf_normalize_tcp(int dir, struct pfi_kif goto tcp_drop; if (flags & TH_FIN) - flags &= ~TH_FIN; + goto tcp_drop; } else { /* Illegal packet */ if (!(flags & (TH_ACK|TH_RST)))