pf(4) currently ignores fragment direction (in vs. out)

mirror of https://github.com/openbsd/src.git synced 2026-06-18 07:13:36 +02:00

in pf_frnode_compare() function.

Issue noticed and reported by Frank Denis

OK @bluhm

This commit is contained in:

sashan

2026-05-28 06:41:24 +00:00

parent 545182717d

commit eaa2c80721

1 changed files with 3 additions and 1 deletions

									
										sys/net/pf_norm.c
									
		+3
		-1
	
												View File
												
				@@ -1,4 +1,4 @@

				/*	$OpenBSD: pf_norm.c,v 1.237 2026/04/12 22:34:19 sashan Exp $ */

				/*	$OpenBSD: pf_norm.c,v 1.238 2026/05/28 06:41:24 sashan Exp $ */

				/*

				 * Copyright 2001 Niels Provos <provos@citi.umich.edu>

				@@ -176,6 +176,8 @@ pf_frnode_compare(struct pf_frnode *a, struct pf_frnode *b)

						return (diff);

					if ((diff = a->fn_af - b->fn_af) != 0)

						return (diff);

					if ((diff = a->fn_direction - b->fn_direction) != 0)

						return (diff);

					if ((diff = pf_addr_compare(&a->fn_src, &b->fn_src, a->fn_af)) != 0)

						return (diff);

					if ((diff = pf_addr_compare(&a->fn_dst, &b->fn_dst, a->fn_af)) != 0)