FreeBSD Bugzilla – Attachment 251931 Details for
Bug 273198
[14.0 CURRENT] PF recognizes encrypted IPSec traffic as coming from WAN. | NAT with IPsec Phase 2 Networks
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
pf_if_enc.diff
pf_if_enc.diff (text/plain), 575 bytes, created by
Igor Ostapenko
on 2024-07-08 08:13:18 UTC
(
hide
)
Description:
pf_if_enc.diff
Filename:
MIME Type:
Creator:
Igor Ostapenko
Created:
2024-07-08 08:13:18 UTC
Size:
575 bytes
patch
obsolete
>diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c >index 1e3f09783e4..21647bd733f 100644 >--- a/sys/netpfil/pf/pf.c >+++ b/sys/netpfil/pf/pf.c >@@ -8082,6 +8082,13 @@ pf_test(int dir, int pflags, struct ifnet *ifp, struct mbuf **m0, > pd.af = AF_INET; > pd.act.rtableid = -1; > >+ if (m->m_len < sizeof(struct ip) && >+ (m = *m0 = m_pullup(*m0, sizeof(struct ip))) == NULL) { >+ DPFPRINTF(PF_DEBUG_URGENT, >+ ("pf_test: m_len < sizeof(struct ip), pullup failed\n")); >+ PF_RULES_RUNLOCK(); >+ return (PF_DROP); >+ } > h = mtod(m, struct ip *); > off = h->ip_hl << 2; >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=251931">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 273198
:
251676
| 251931