diff options
author | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2002-12-18 14:41:38 +0000 |
---|---|---|
committer | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2002-12-18 14:41:38 +0000 |
commit | ceeb46279ea56ce8c50caa7198aa51413319e949 (patch) | |
tree | 4e8ecc85ba5fc19a3a42ec1ec965f84a68addefe /sys/net/pf.c | |
parent | 4d844fd721eeaba03e79897349cd749af6eed3d0 (diff) |
Match the rule protocol against the actual protocol of the packet, not just
tcp. A silly copy/paste error by yours truly located by deraadt@
Diffstat (limited to 'sys/net/pf.c')
-rw-r--r-- | sys/net/pf.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index bff784864e5..3000943ff82 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.271 2002/12/17 12:30:13 mcbride Exp $ */ +/* $OpenBSD: pf.c,v 1.272 2002/12/18 14:41:37 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1585,7 +1585,7 @@ pf_match_translation(int direction, struct ifnet *ifp, u_int8_t proto, r = r->skip[PF_SKIP_DIR]; else if (r->af && r->af != af) r = r->skip[PF_SKIP_AF]; - else if (r->proto && r->proto != IPPROTO_TCP) + else if (r->proto && r->proto != proto) r = r->skip[PF_SKIP_PROTO]; else if (!PF_AZERO(&src->addr.mask, af) && !PF_MATCHA(src->not, |