* fix incorrect filter port in pf redirect.

2014-02-28 11:28:07 +09:00 · 2014-02-28 11:28:07 +09:00 · 1efb4cc03c
parent c492b6f56f
commit 1efb4cc03c
2 changed files with 20 additions and 6 deletions
--- a/miniupnpd/pf/obsdrdr.c
+++ b/miniupnpd/pf/obsdrdr.c
@ -374,7 +374,7 @@ add_filter_rule2(const char * ifname,
 #endif

 		pcr.rule.dst.port_op = PF_OP_EQ;
-		pcr.rule.dst.port[0] = htons(eport);
+		pcr.rule.dst.port[0] = htons(iport);
 		pcr.rule.direction = PF_IN;
 		pcr.rule.action = PF_PASS;
 		pcr.rule.af = AF_INET;
@ -408,7 +408,7 @@ add_filter_rule2(const char * ifname,
 			pcr.rule.src.addr.v.a.mask.v4.s_addr = htonl(INADDR_NONE);
 		}
 #ifndef PF_NEWSTYLE
-		pcr.rule.rpool.proxy_port[0] = eport;
+		pcr.rule.rpool.proxy_port[0] = iport;
 		a = calloc(1, sizeof(struct pf_pooladdr));
 		inet_pton(AF_INET, iaddr, &a->addr.v.a.addr.v4.s_addr);
 		a->addr.v.a.mask.v4.s_addr = htonl(INADDR_NONE);
@ -636,10 +636,10 @@ error:
 }

 int
-delete_filter_rule(const char * ifname, unsigned short eport, int proto)
+delete_filter_rule(const char * ifname, unsigned short iport, int proto)
 {
 #ifndef PF_ENABLE_FILTER_RULES
-	UNUSED(ifname); UNUSED(eport); UNUSED(proto);
+	UNUSED(ifname); UNUSED(iport); UNUSED(proto);
 	return 0;
 #else
 	int i, n;
@ -665,7 +665,7 @@ delete_filter_rule(const char * ifname, unsigned short eport, int proto)
 			syslog(LOG_ERR, "ioctl(dev, DIOCGETRULE): %m");
 			goto error;
 		}
-		if( (eport == ntohs(pr.rule.dst.port[0]))
+		if( (iport == ntohs(pr.rule.dst.port[0]))
 		  && (pr.rule.proto == proto) )
 		{
 			pr.action = PF_CHANGE_GET_TICKET;
--- a/miniupnpd/upnpredirect.c
+++ b/miniupnpd/upnpredirect.c
@ -420,8 +420,22 @@ _upnp_delete_redir(unsigned short eport, int proto)
 #if defined(__linux__)
 	r = delete_redirect_and_filter_rules(eport, proto);
 #else
+	char iaddr[INET6_ADDRSTRLEN];
+	unsigned short iport;
+	char desc[64];
+	char rhost[64];
+	unsigned int timestamp;
+	u_int64_t packets;
+	u_int64_t bytes;
+	int r2 = get_redirect_rule(ext_if_name, eport, proto,
+				   &iaddr, sizeof(iaddr), &iport,
+				   &desc, sizeof(desc),
+				   &rhost, sizeof(rhost),
+				   &timestamp,
+				   &packets, &bytes);
 	r = delete_redirect_rule(ext_if_name, eport, proto);
-	delete_filter_rule(ext_if_name, eport, proto);
+	if (r2==0)
+		delete_filter_rule(ext_if_name, iport, proto);
 #endif
 #ifdef ENABLE_LEASEFILE
 	lease_file_remove( eport, proto);