From owner-svn-src-all@FreeBSD.ORG  Mon Sep 22 16:35:48 2014
Return-Path: <owner-svn-src-all@FreeBSD.ORG>
Delivered-To: svn-src-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id C012669B;
 Mon, 22 Sep 2014 16:35:48 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 9FAA21EA;
 Mon, 22 Sep 2014 16:35:48 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s8MGZmWo086526;
 Mon, 22 Sep 2014 16:35:48 GMT (envelope-from cy@FreeBSD.org)
Received: (from cy@localhost)
 by svn.freebsd.org (8.14.9/8.14.9/Submit) id s8MGZmS9086525;
 Mon, 22 Sep 2014 16:35:48 GMT (envelope-from cy@FreeBSD.org)
Message-Id: <201409221635.s8MGZmS9086525@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: cy set sender to cy@FreeBSD.org
 using -f
From: Cy Schubert <cy@FreeBSD.org>
Date: Mon, 22 Sep 2014 16:35:48 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r271978 - head/contrib/ipfilter/tools
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Sep 2014 16:35:49 -0000

Author: cy
Date: Mon Sep 22 16:35:48 2014
New Revision: 271978
URL: http://svnweb.freebsd.org/changeset/base/271978

Log:
  #552 destination port not zero after parsing nat rule
  
  Approved by:	glebius (mentor)
  Obtained from:	netbsd CVS repo (r1.4), ipfilter CVS repo (r1.38)

Modified:
  head/contrib/ipfilter/tools/ipnat_y.y

Modified: head/contrib/ipfilter/tools/ipnat_y.y
==============================================================================
--- head/contrib/ipfilter/tools/ipnat_y.y	Mon Sep 22 16:21:25 2014	(r271977)
+++ head/contrib/ipfilter/tools/ipnat_y.y	Mon Sep 22 16:35:48 2014	(r271978)
@@ -871,9 +871,9 @@ mapport:
 			  }
 			  free($2);
 			  if ($3.p1 < 0 || $3.p1 > 65535)
-				yyerror("invalid ICMP Id number");
+				yyerror("invalid 1st ICMP Id number");
 			  if ($3.p2 < 0 || $3.p2 > 65535)
-				yyerror("invalid ICMP Id number");
+				yyerror("invalid 2nd ICMP Id number");
 			  if (strcmp($2, "ipv6-icmp") == 0) {
 				nat->in_pr[0] = IPPROTO_ICMPV6;
 				nat->in_pr[1] = IPPROTO_ICMPV6;
@@ -1058,7 +1058,7 @@ hash:	IPNY_HASH			{ if (!(nat->in_flags 
 	;
 
 portstuff:
-	compare portspec		{ $$.pc = $1; $$.p1 = $2; }
+	compare portspec		{ $$.pc = $1; $$.p1 = $2; $$.p2 = 0; }
 	| portspec range portspec	{ $$.pc = $2; $$.p1 = $1; $$.p2 = $3; }
 	;
 
@@ -1151,7 +1151,7 @@ proto:	YY_NUMBER			{ $$ = $1;
 	| YY_STR			{ $$ = getproto($1);
 					  free($1);
 					  if ($$ == -1)
-						yyerror("unknwon protocol");
+						yyerror("unknown protocol");
 					  if ($$ != IPPROTO_TCP &&
 					      $$ != IPPROTO_UDP)
 						suggest_port = 0;
@@ -1172,7 +1172,8 @@ hostname:
 					  else
 #endif
 						family = AF_INET;
-					  bzero(&$$, sizeof($$));
+					  memset(&($$), 0, sizeof($$));
+					  memset(&addr, 0, sizeof(addr));
 					  $$.f = family;
 					  if (gethost(family, $1,
 						      &addr) == 0) {
@@ -1184,17 +1185,17 @@ hostname:
 					  }
 					  free($1);
 					}
-	| YY_NUMBER			{ bzero(&$$, sizeof($$));
+	| YY_NUMBER			{ memset(&($$), 0, sizeof($$));
 					  $$.a.in4.s_addr = htonl($1);
 					  if ($$.a.in4.s_addr != 0)
 						$$.f = AF_INET;
 					}
 	| ipv4				{ $$ = $1; }
-	| YY_IPV6			{ bzero(&$$, sizeof($$));
+	| YY_IPV6			{ memset(&($$), 0, sizeof($$));
 					  $$.a = $1;
 					  $$.f = AF_INET6;
 					}
-	| YY_NUMBER YY_IPV6		{ bzero(&$$, sizeof($$));
+	| YY_NUMBER YY_IPV6		{ memset(&($$), 0, sizeof($$));
 					  $$.a = $2;
 					  $$.f = AF_INET6;
 					}
@@ -1429,6 +1430,9 @@ setnatproto(p)
 		nat->in_flags |= IPN_UDP;
 		nat->in_flags &= ~IPN_TCP;
 		break;
+#ifdef USE_INET6
+	case IPPROTO_ICMPV6 :
+#endif
 	case IPPROTO_ICMP :
 		nat->in_flags &= ~IPN_TCPUDP;
 		if (!(nat->in_flags & IPN_ICMPQUERY) &&
@@ -1508,7 +1512,7 @@ ipnat_addrule(fd, ioctlfunc, ptr)
 		printnat(ipn, opts);
 
 	if (opts & OPT_DEBUG)
-		binprint(ipn, sizeof(*ipn));
+		binprint(ipn, ipn->in_size);
 
 	if ((opts & OPT_ZERORULEST) != 0) {
 		if ((*ioctlfunc)(fd, add, (void *)&obj) == -1) {