aboutsummaryrefslogtreecommitdiff
path: root/share/security/patches/SA-06:04/ipfw.patch
diff options
context:
space:
mode:
Diffstat (limited to 'share/security/patches/SA-06:04/ipfw.patch')
-rw-r--r--share/security/patches/SA-06:04/ipfw.patch16
1 files changed, 16 insertions, 0 deletions
diff --git a/share/security/patches/SA-06:04/ipfw.patch b/share/security/patches/SA-06:04/ipfw.patch
new file mode 100644
index 0000000000..e7a6a67973
--- /dev/null
+++ b/share/security/patches/SA-06:04/ipfw.patch
@@ -0,0 +1,16 @@
+Index: sys/netinet/ip_fw2.c
+===================================================================
+RCS file: /home/ncvs/src/sys/netinet/ip_fw2.c,v
+retrieving revision 1.120
+diff -u -d -r1.120 ip_fw2.c
+--- sys/netinet/ip_fw2.c 16 Dec 2005 13:10:32 -0000 1.120
++++ sys/netinet/ip_fw2.c 1 Jan 2006 22:56:39 -0000
+@@ -3054,7 +3054,7 @@
+ * if the packet is not ICMP (or is an ICMP
+ * query), and it is not multicast/broadcast.
+ */
+- if (hlen > 0 && is_ipv4 &&
++ if (hlen > 0 && is_ipv4 && offset == 0 &&
+ (proto != IPPROTO_ICMP ||
+ is_icmp_query(ICMP(ulp))) &&
+ !(m->m_flags & (M_BCAST|M_MCAST)) &&