authorDamien Miller <djm@cvs.openbsd.org>2008-07-10 07:41:22 +0000
committerDamien Miller <djm@cvs.openbsd.org>2008-07-10 07:41:22 +0000
commitdc1ecf146e4c99810663f29de8843975947a7a64 (patch)
tree69361157d2890a1098c1871b82cca6ab10363848 /sys/net/pf.c
parent4ab0904d9a4d46030b5d651081155db15eddc27f (diff)
check pf NAT source port allocation against net.inet.(tcp|udp).baddynamic
lists; prevents use of ports corresponding to well-known services. replace a couple of arc4random()%N with arc4random_uniform(N) that missed the first round. ok mcbride@
Diffstat (limited to 'sys/net/pf.c')
-rw-r--r--sys/net/pf.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c
index 985ca3640a0..e21bf9f9f16 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.608 2008/07/10 05:44:54 david Exp $ */
+/* $OpenBSD: pf.c,v 1.609 2008/07/10 07:41:21 djm Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -2429,12 +2429,12 @@ pf_get_sport(sa_family_t af, u_int8_t proto, struct pf_rule *r,
high = tmp;
}
/* low < high */
- cut = htonl(arc4random()) % (1 + high - low) + low;
+ cut = arc4random_uniform(1 + high - low) + low;
/* low <= cut <= high */
for (tmp = cut; tmp <= high; ++(tmp)) {
key.port[0] = htons(tmp);
if (pf_find_state_all(&key, PF_IN, NULL) ==
- NULL) {
+ NULL && !in_baddynamic(tmp, proto)) {
*nport = htons(tmp);
return (0);
}
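Review bot: The new `in_baddynamic(tmp, proto)` test runs only after `pf_find_state_all()` has already searched the state table, so every port on the baddynamic list still costs a full state lookup before it is rejected; the list check is far cheaper and has no side effects, so it belongs first: `if (!in_baddynamic(tmp, proto) && pf_find_state_all(&key, PF_IN, NULL) == NULL) {`. The same ordering applies to the downward scan in the following hunk (`for (tmp = cut - 1; tmp >= low; --(tmp))`). Note also that the exclusion shrinks the usable range: a rule whose port range lies wholly inside the baddynamic list can never obtain a source port, which is presumably reported by the failure path after both loops — pf_get_sport's tail is outside the hunk. A one-line comment above the loops, `/* skip ports already in use and ports reserved via net.inet.(tcp|udp).baddynamic */`, would record why the list is consulted here.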
@@ -2442,7 +2442,7 @@ pf_get_sport(sa_family_t af, u_int8_t proto, struct pf_rule *r,
for (tmp = cut - 1; tmp >= low; --(tmp)) {
key.port[0] = htons(tmp);
if (pf_find_state_all(&key, PF_IN, NULL) ==
- NULL) {
+ NULL && !in_baddynamic(tmp, proto)) {
*nport = htons(tmp);
return (0);
}
@@ -3235,8 +3235,8 @@ pf_test_rule(struct pf_rule **rm, struct pf_state **sm, int direction,
!pf_match_gid(r->gid.op, r->gid.gid[0], r->gid.gid[1],
pd->lookup.gid))
r = TAILQ_NEXT(r, entries);
- else if (r->prob && r->prob <=
- (arc4random() % (UINT_MAX - 1) + 1))
+ else if (r->prob &&
+ r->prob <= arc4random_uniform(UINT_MAX - 1) + 1)
r = TAILQ_NEXT(r, entries);
else if (r->match_tag && !pf_match_tag(m, r, &tag))
r = TAILQ_NEXT(r, entries);
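Review bot: The expression `arc4random_uniform(UINT_MAX - 1) + 1` deserves a comment saying why the draw is confined to [1, UINT_MAX-1] rather than the full 32-bit range: with the `r->prob <=` comparison as written, a rule with `prob == UINT_MAX` is never skipped and one with `prob == 1` is always skipped, which appears to be how the 100% and lowest-probability cases are made deterministic — confirm against how pfctl scales prob. Suggested comment above the `else if`: `/* draw in [1, UINT_MAX-1]: prob == UINT_MAX always matches, prob == 1 never does */`. The enclosing pf_test_rule() starts and ends outside the hunk.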