Grrr, forward address is in network byte order
authorSepherosa Ziehau <sephe@dragonflybsd.org>
Tue, 26 Aug 2008 11:42:40 +0000 (11:42 +0000)
committerSepherosa Ziehau <sephe@dragonflybsd.org>
Tue, 26 Aug 2008 11:42:40 +0000 (11:42 +0000)
sys/net/ipfw/ip_fw2.c

index 2078cb6..bbabe58 100644 (file)
@@ -23,7 +23,7 @@
  * SUCH DAMAGE.
  *
  * $FreeBSD: src/sys/netinet/ip_fw2.c,v 1.6.2.12 2003/04/08 10:42:32 maxim Exp $
- * $DragonFly: src/sys/net/ipfw/ip_fw2.c,v 1.76 2008/08/26 11:26:26 sephe Exp $
+ * $DragonFly: src/sys/net/ipfw/ip_fw2.c,v 1.77 2008/08/26 11:42:40 sephe Exp $
  */
 
 #define        DEB(x)
@@ -3587,13 +3587,18 @@ ipfw_check_ioc_rule(struct ipfw_ioc_rule *rule, int size, uint32_t *rule_flags)
                        goto check_action;
 
                case O_FORWARD_IP:
-                       if (cmdlen != F_INSN_SIZE(ipfw_insn_sa))
+                       if (cmdlen != F_INSN_SIZE(ipfw_insn_sa)) {
                                goto bad_size;
-                       if (IN_MULTICAST(((ipfw_insn_sa *)cmd)
-                                        ->sa.sin_addr.s_addr)) {
-                               kprintf("ipfw: try forwarding to "
-                                       "multicast address\n");
-                               return EINVAL;
+                       } else {
+                               in_addr_t fwd_addr;
+
+                               fwd_addr = ((ipfw_insn_sa *)cmd)->
+                                          sa.sin_addr.s_addr;
+                               if (IN_MULTICAST(ntohl(fwd_addr))) {
+                                       kprintf("ipfw: try forwarding to "
+                                               "multicast address\n");
+                                       return EINVAL;
+                               }
                        }
                        goto check_action;