aboutsummaryrefslogtreecommitdiff
path: root/sbin/ipfw
diff options
context:
space:
mode:
authorAlexander V. Chernikov <melifaro@FreeBSD.org>2020-03-10 20:30:21 +0000
committerAlexander V. Chernikov <melifaro@FreeBSD.org>2020-03-10 20:30:21 +0000
commit8149b12da14b98084d9975fa086ae038defa4c91 (patch)
tree6fb958dfc0295946b867055029621c07026096b3 /sbin/ipfw
parent4d4aa256943493630aaf157f5f25fddcd95bf9c7 (diff)
downloadsrc-8149b12da14b98084d9975fa086ae038defa4c91.tar.gz
src-8149b12da14b98084d9975fa086ae038defa4c91.zip
Don't assume !IPv6 is IPv4 in ipfw(8) add_src() and add_dst().
Submitted by: Neel Chauhan <neel AT neelc DOT org> MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D21812
Notes
Notes: svn path=/head/; revision=358858
Diffstat (limited to 'sbin/ipfw')
-rw-r--r--sbin/ipfw/ipfw2.c14
1 files changed, 6 insertions, 8 deletions
diff --git a/sbin/ipfw/ipfw2.c b/sbin/ipfw/ipfw2.c
index c81822782644..b54ffc74ec9f 100644
--- a/sbin/ipfw/ipfw2.c
+++ b/sbin/ipfw/ipfw2.c
@@ -3717,11 +3717,10 @@ add_src(ipfw_insn *cmd, char *av, u_char proto, int cblen, struct tidx *tstate)
if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 ||
inet_pton(AF_INET6, host, &a) == 1)
ret = add_srcip6(cmd, av, cblen, tstate);
- /* XXX: should check for IPv4, not !IPv6 */
- if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
- inet_pton(AF_INET6, host, &a) != 1))
+ else if (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
+ inet_pton(AF_INET, host, &a) == 1)
ret = add_srcip(cmd, av, cblen, tstate);
- if (ret == NULL && strcmp(av, "any") != 0)
+ else if (ret == NULL && strcmp(av, "any") != 0)
ret = cmd;
return ret;
@@ -3748,11 +3747,10 @@ add_dst(ipfw_insn *cmd, char *av, u_char proto, int cblen, struct tidx *tstate)
if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 ||
inet_pton(AF_INET6, host, &a) == 1)
ret = add_dstip6(cmd, av, cblen, tstate);
- /* XXX: should check for IPv4, not !IPv6 */
- if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
- inet_pton(AF_INET6, host, &a) != 1))
+ else if (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
+ inet_pton(AF_INET, host, &a) == 1)
ret = add_dstip(cmd, av, cblen, tstate);
- if (ret == NULL && strcmp(av, "any") != 0)
+ else if (ret == NULL && strcmp(av, "any") != 0)
ret = cmd;
return ret;