diff options
author | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2003-01-25 22:48:46 +0000 |
---|---|---|
committer | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2003-01-25 22:48:46 +0000 |
commit | 542008969a1e5b933f10cb8012464df201215253 (patch) | |
tree | aeb99dd8829e60590617998e30f850f6ae73d477 /sys | |
parent | 799e5b8578861fa1146f1c37631887473a67b32a (diff) |
Fix the behaviour of rdr rules which redirect to a range of ports;
Stop overloading PF_OP_RRG as a flag where it doesn't make sense, and
makes the port mapping more flexble, allows mapping a destination port range
of one size to an other of a different size.
Fixes and additional testing courtesy of dhartmei@
ok dhartmei@
Diffstat (limited to 'sys')
-rw-r--r-- | sys/net/pf.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index a69fc0bece5..e3f881170eb 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.310 2003/01/24 15:55:36 dhartmei Exp $ */ +/* $OpenBSD: pf.c,v 1.311 2003/01/25 22:48:45 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1750,10 +1750,15 @@ pf_get_translation(int direction, struct ifnet *ifp, u_int8_t proto, &r->src.addr.v.a.addr, naddr, NULL)) return (NULL); - if (r->dst.port_op == PF_OP_RRG) { + if (r->rpool.proxy_port[1]) { u_int32_t tmp_nport; - tmp_nport = ntohs(r->rpool.proxy_port[0]) + - (ntohs(dport) - ntohs(r->dst.port[0])); + + tmp_nport = ((ntohs(dport) - + ntohs(r->dst.port[0])) % + (ntohs(r->rpool.proxy_port[1]) - + ntohs(r->rpool.proxy_port[0]) + 1)) + + ntohs(r->rpool.proxy_port[0]); + /* wrap around if necessary */ if (tmp_nport > 65535) tmp_nport -= 65535; |