FreeBSD Bugzilla – Attachment 140505 Details for
Bug 187105
[PATCH] net/miniupnpd fix incrrect redirect filter
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
miniupnpd.patch
miniupnpd.patch (text/plain), 3.02 KB, created by
hashiz
on 2014-02-27 06:30:00 UTC
(
hide
)
Description:
miniupnpd.patch
Filename:
MIME Type:
Creator:
hashiz
Created:
2014-02-27 06:30:00 UTC
Size:
3.02 KB
patch
obsolete
>diff -ruN net/miniupnpd.orig/Makefile net/miniupnpd/Makefile >--- net/miniupnpd.orig/Makefile 2014-01-26 23:27:10.000000000 +0900 >+++ net/miniupnpd/Makefile 2014-02-27 14:18:05.000000000 +0900 >@@ -3,7 +3,7 @@ > > PORTNAME= miniupnpd > PORTVERSION= 1.8 >-PORTREVISION= 1 >+PORTREVISION= 2 > PORTEPOCH= 1 > CATEGORIES= net > MASTER_SITES= http://miniupnp.tuxfamily.org/files/ \ >@@ -28,7 +28,8 @@ > > .include <bsd.port.options.mk> > .if ${PORT_OPTIONS:MPF_ENABLE_FILTER_RULES} >-EXTRA_PATCHES= ${PATCHDIR}/pf_enable_filter_rules.patch >+EXTRA_PATCHES= ${PATCHDIR}/pf_enable_filter_rules.patch \ >+ ${PATCHDIR}/fixredirect.patch > .endif > > post-patch-script: >diff -ruN net/miniupnpd.orig/files/fixredirect.patch net/miniupnpd/files/fixredirect.patch >--- net/miniupnpd.orig/files/fixredirect.patch 1970-01-01 09:00:00.000000000 +0900 >+++ net/miniupnpd/files/fixredirect.patch 2014-02-27 14:14:37.000000000 +0900 >@@ -0,0 +1,68 @@ >+--- pf/obsdrdr.c.orig 2014-02-27 13:38:57.000000000 +0900 >++++ pf/obsdrdr.c 2014-02-27 13:41:27.000000000 +0900 >+@@ -365,7 +365,7 @@ >+ #endif >+ >+ pcr.rule.dst.port_op = PF_OP_EQ; >+- pcr.rule.dst.port[0] = htons(eport); >++ pcr.rule.dst.port[0] = htons(iport); >+ pcr.rule.direction = PF_IN; >+ pcr.rule.action = PF_PASS; >+ pcr.rule.af = AF_INET; >+@@ -399,7 +399,7 @@ >+ pcr.rule.src.addr.v.a.mask.v4.s_addr = htonl(INADDR_NONE); >+ } >+ #ifndef PF_NEWSTYLE >+- pcr.rule.rpool.proxy_port[0] = eport; >++ pcr.rule.rpool.proxy_port[0] = iport; >+ a = calloc(1, sizeof(struct pf_pooladdr)); >+ inet_pton(AF_INET, iaddr, &a->addr.v.a.addr.v4.s_addr); >+ a->addr.v.a.mask.v4.s_addr = htonl(INADDR_NONE); >+@@ -617,10 +617,10 @@ >+ } >+ >+ int >+-delete_filter_rule(const char * ifname, unsigned short eport, int proto) >++delete_filter_rule(const char * ifname, unsigned short iport, int proto) >+ { >+ #ifndef PF_ENABLE_FILTER_RULES >+- UNUSED(ifname); UNUSED(eport); UNUSED(proto); >++ UNUSED(ifname); UNUSED(iport); UNUSED(proto); >+ return 0; >+ #else >+ int i, n; >+@@ -646,7 +646,7 @@ >+ syslog(LOG_ERR, "ioctl(dev, DIOCGETRULE): %m"); >+ goto error; >+ } >+- if( (eport == ntohs(pr.rule.dst.port[0])) >++ if( (iport == ntohs(pr.rule.dst.port[0])) >+ && (pr.rule.proto == proto) ) >+ { >+ pr.action = PF_CHANGE_GET_TICKET; >+--- upnpredirect.c.orig 2014-02-27 13:42:05.000000000 +0900 >++++ upnpredirect.c 2014-02-27 14:00:06.000000000 +0900 >+@@ -420,8 +420,22 @@ >+ #if defined(__linux__) >+ r = delete_redirect_and_filter_rules(eport, proto); >+ #else >++ char iaddr[INET6_ADDRSTRLEN]; >++ unsigned short iport; >++ char desc[64]; >++ char rhost[64]; >++ unsigned int timestamp; >++ u_int64_t packets; >++ u_int64_t bytes; >++ int r2 = get_redirect_rule(ext_if_name, eport, proto, >++ &iaddr, sizeof(iaddr), &iport, >++ &desc, sizeof(desc), >++ &rhost, sizeof(rhost), >++ ×tamp, >++ &packets, &bytes); >+ r = delete_redirect_rule(ext_if_name, eport, proto); >+- delete_filter_rule(ext_if_name, eport, proto); >++ if (r2==0) >++ delete_filter_rule(ext_if_name, iport, proto); >+ #endif >+ #ifdef ENABLE_LEASEFILE >+ lease_file_remove( eport, proto);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=140505">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 187105
: 140505 |
140506