d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed panic that occurs on certain firewall rejected packets that was

Browse Source 
caused by dtom() being used on an mbuf cluster. The fix involves passing
around the mbuf pointer.

Submitted by:	Bill Fenner
This commit is contained in:
David Greenman 1995-07-09 14:29:46 +00:00
parent 2c413cbe50
commit c6e8c3576e
4 changed files with 8 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sys/netinet/ip_fw.c
View File

@ -104,7 +104,8 @@ port_match(portptr, nports, port, range_flag)
#ifdef IPFIREWALL
int
ip_fw_chk(ip, rif, chain)
ip_fw_chk(m, ip, rif, chain)
struct mbuf *m;
struct ip *ip;
struct ifnet *rif;
struct ip_fw *chain;
@ -115,7 +116,6 @@ ip_fw_chk(ip, rif, chain)
struct icmp *icmp = (struct icmp *) ((u_long *) ip + ip->ip_hl);
struct ifaddr *ia = NULL, *ia_p;
struct in_addr src, dst, ia_i;
struct mbuf *m;
u_short src_port = 0, dst_port = 0;
u_short f_prt = 0, prt;
char notcpsyn = 1;
@ -302,7 +302,6 @@ got_match:
return TRUE;
bad_packet:
m = dtom(ip);
if (f != NULL) {
/*
* Do not ICMP reply to icmp packets....:) or to packets

4
sys/netinet/ip_fw.h
View File

@ -126,7 +126,7 @@ extern struct ip_fw *ip_acct_chain;
/*
* Function pointers.
*/
extern int (*ip_fw_chk_ptr)(struct ip *,struct ifnet *,struct ip_fw *);
extern int (*ip_fw_chk_ptr)(struct mbuf *, struct ip *,struct ifnet *,struct ip_fw *);
extern int (*ip_fw_ctl_ptr)(int,struct mbuf *);
extern void (*ip_acct_cnt_ptr)(struct ip *,struct ifnet *,struct ip_fw *,int);
@ -135,7 +135,7 @@ extern int (*ip_acct_ctl_ptr)(int,struct mbuf *);
/*
* Function definitions.
*/
int ip_fw_chk(struct ip *,struct ifnet *,struct ip_fw *);
int ip_fw_chk(struct mbuf *, struct ip *,struct ifnet *,struct ip_fw *);
int ip_fw_ctl(int,struct mbuf *);
void ip_acct_cnt(struct ip *,struct ifnet *,struct ip_fw *,int);

4
sys/netinet/ip_fwdef.c
View File

@ -38,10 +38,10 @@ struct ip_fw *ip_fw_chain;
struct ip_fw *ip_acct_chain;
#ifdef IPFIREWALL
int (*ip_fw_chk_ptr)(struct ip *, struct ifnet *, struct ip_fw *) = &ip_fw_chk;
int (*ip_fw_chk_ptr)(struct mbuf *, struct ip *, struct ifnet *, struct ip_fw *) = &ip_fw_chk;
int (*ip_fw_ctl_ptr)(int, struct mbuf *) = &ip_fw_ctl;
#else
int (*ip_fw_chk_ptr)(struct ip *, struct ifnet *, struct ip_fw *);
int (*ip_fw_chk_ptr)(struct mbuf *, struct ip *, struct ifnet *, struct ip_fw *);
int (*ip_fw_ctl_ptr)(int, struct mbuf *);
#endif

4
sys/netinet/ip_input.c
View File

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)ip_input.c 8.2 (Berkeley) 1/4/94
* $Id: ip_input.c,v 1.23 1995/06/13 17:51:10 wollman Exp $
* $Id: ip_input.c,v 1.24 1995/06/27 17:26:27 guido Exp $
*/
#include <sys/param.h>
@ -242,7 +242,7 @@ next:
*/
if (ip_fw_chk_ptr!=NULL)
if (!(*ip_fw_chk_ptr)(ip,m->m_pkthdr.rcvif,ip_fw_chain) ) {
if (!(*ip_fw_chk_ptr)(m,ip,m->m_pkthdr.rcvif,ip_fw_chain) ) {
goto next;
}