Date: Sun, 12 Oct 2014 17:03:48 +0000 (UTC) From: Cy Schubert <cy@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r272990 - stable/10/contrib/ipfilter/tools Message-ID: <201410121703.s9CH3mnt057887@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: cy Date: Sun Oct 12 17:03:47 2014 New Revision: 272990 URL: https://svnweb.freebsd.org/changeset/base/272990 Log: MFC r271978 ipfilter bug #552 destination port not zero after parsing nat rule. Obtained from: netbsd CVS repo (r1.4), ipfilter CVS repo (r1.38) Modified: stable/10/contrib/ipfilter/tools/ipnat_y.y Directory Properties: stable/10/ (props changed) Modified: stable/10/contrib/ipfilter/tools/ipnat_y.y ============================================================================== --- stable/10/contrib/ipfilter/tools/ipnat_y.y Sun Oct 12 16:58:45 2014 (r272989) +++ stable/10/contrib/ipfilter/tools/ipnat_y.y Sun Oct 12 17:03:47 2014 (r272990) @@ -871,9 +871,9 @@ mapport: } free($2); if ($3.p1 < 0 || $3.p1 > 65535) - yyerror("invalid ICMP Id number"); + yyerror("invalid 1st ICMP Id number"); if ($3.p2 < 0 || $3.p2 > 65535) - yyerror("invalid ICMP Id number"); + yyerror("invalid 2nd ICMP Id number"); if (strcmp($2, "ipv6-icmp") == 0) { nat->in_pr[0] = IPPROTO_ICMPV6; nat->in_pr[1] = IPPROTO_ICMPV6; @@ -1058,7 +1058,7 @@ hash: IPNY_HASH { if (!(nat->in_flags ; portstuff: - compare portspec { $$.pc = $1; $$.p1 = $2; } + compare portspec { $$.pc = $1; $$.p1 = $2; $$.p2 = 0; } | portspec range portspec { $$.pc = $2; $$.p1 = $1; $$.p2 = $3; } ; @@ -1151,7 +1151,7 @@ proto: YY_NUMBER { $$ = $1; | YY_STR { $$ = getproto($1); free($1); if ($$ == -1) - yyerror("unknwon protocol"); + yyerror("unknown protocol"); if ($$ != IPPROTO_TCP && $$ != IPPROTO_UDP) suggest_port = 0; @@ -1172,7 +1172,8 @@ hostname: else #endif family = AF_INET; - bzero(&$$, sizeof($$)); + memset(&($$), 0, sizeof($$)); + memset(&addr, 0, sizeof(addr)); $$.f = family; if (gethost(family, $1, &addr) == 0) { @@ -1184,17 +1185,17 @@ hostname: } free($1); } - | YY_NUMBER { bzero(&$$, sizeof($$)); + | YY_NUMBER { memset(&($$), 0, sizeof($$)); $$.a.in4.s_addr = htonl($1); if ($$.a.in4.s_addr != 0) $$.f = AF_INET; } | ipv4 { $$ = $1; } - | YY_IPV6 { bzero(&$$, sizeof($$)); + | YY_IPV6 { memset(&($$), 0, sizeof($$)); $$.a = $1; $$.f = AF_INET6; } - | YY_NUMBER YY_IPV6 { bzero(&$$, sizeof($$)); + | YY_NUMBER YY_IPV6 { memset(&($$), 0, sizeof($$)); $$.a = $2; $$.f = AF_INET6; } @@ -1429,6 +1430,9 @@ setnatproto(p) nat->in_flags |= IPN_UDP; nat->in_flags &= ~IPN_TCP; break; +#ifdef USE_INET6 + case IPPROTO_ICMPV6 : +#endif case IPPROTO_ICMP : nat->in_flags &= ~IPN_TCPUDP; if (!(nat->in_flags & IPN_ICMPQUERY) && @@ -1508,7 +1512,7 @@ ipnat_addrule(fd, ioctlfunc, ptr) printnat(ipn, opts); if (opts & OPT_DEBUG) - binprint(ipn, sizeof(*ipn)); + binprint(ipn, ipn->in_size); if ((opts & OPT_ZERORULEST) != 0) { if ((*ioctlfunc)(fd, add, (void *)&obj) == -1) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201410121703.s9CH3mnt057887>