diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2009-09-01 15:51:07 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2009-09-01 15:51:07 +0000 |
| commit | 43f136e01fd17c8cb8bc1b4a145830cd6eed763f (patch) | |
| tree | 722679e81355b41823fc0adcda999faaa50ac883 /sys/net/pf_norm.c | |
| parent | d9a450d8ca05a3bdea5a390443914ead3e3ee119 (diff) | |
Clear the IP_DF bit if no-df is enabled, not if it is not enabled.
Issue reported by Matthew Dempsky. Same fix suggested by fgsch@.
ok henning@
Diffstat (limited to 'sys/net/pf_norm.c')
| -rw-r--r-- | sys/net/pf_norm.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/net/pf_norm.c b/sys/net/pf_norm.c index 330ed24b6aa..c0ac7095c74 100644 --- a/sys/net/pf_norm.c +++ b/sys/net/pf_norm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_norm.c,v 1.119 2009/07/21 14:48:08 henning Exp $ */ +/* $OpenBSD: pf_norm.c,v 1.120 2009/09/01 15:51:06 jsing Exp $ */ /* * Copyright 2001 Niels Provos <provos@citi.umich.edu> @@ -536,7 +536,7 @@ pf_normalize_ip(struct mbuf **m0, int dir, struct pfi_kif *kif, u_short *reason, goto drop; /* Clear IP_DF if we're in no-df mode */ - if (!(pf_status.reass & PF_REASS_NODF) && h->ip_off & htons(IP_DF)) { + if (pf_status.reass & PF_REASS_NODF && h->ip_off & htons(IP_DF)) { u_int16_t ip_off = h->ip_off; h->ip_off &= htons(~IP_DF); |