diff options
| author |   bluhm <bluhm@openbsd.org> | 2021-01-15 15:18:12 +0000 |
|---|---|---|
| committer | bluhm <bluhm@openbsd.org> | 2021-01-15 15:18:12 +0000 |
| commit | 07beafa0f95d392c3c87bf40c7a965138fb0e7bd (patch) | |
| tree | 95bdac0d45a603386c06cf26622677289b26b380 | |
| parent | Fix startup of smtpd; kill dangling smtpd; increase verbosity. (diff) | |
| download | wireguard-openbsd-07beafa0f95d392c3c87bf40c7a965138fb0e7bd.tar.xz wireguard-openbsd-07beafa0f95d392c3c87bf40c7a965138fb0e7bd.zip | |
As documented in sysctl(2) net.inet.ip.forwarding can be 2.
Relax input validation and use integer comparison.
OK kn@ mvs@ sthen@
| -rw-r--r-- | sys/netinet/ip_input.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index 3b07b80df12..fca59d9f18a 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_input.c,v 1.353 2021/01/11 13:28:53 bluhm Exp $ */ +/* $OpenBSD: ip_input.c,v 1.354 2021/01/15 15:18:12 bluhm Exp $ */ /* $NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $ */ /* @@ -115,7 +115,7 @@ const struct sysctl_bounded_args ipctl_vars[] = { #ifdef MROUTING { IPCTL_MRTPROTO, &ip_mrtproto, 1, 0 }, #endif - { IPCTL_FORWARDING, &ipforwarding, 0, 1 }, + { IPCTL_FORWARDING, &ipforwarding, 0, 2 }, { IPCTL_SENDREDIRECTS, &ipsendredirects, 0, 1 }, { IPCTL_DEFTTL, &ip_defttl, 0, 255 }, { IPCTL_DIRECTEDBCAST, &ip_directedbcast, 0, 1 }, @@ -1251,7 +1251,7 @@ ip_dooptions(struct mbuf *m, struct ifnet *ifp) } } KERNEL_UNLOCK(); - if (forward && ipforwarding) { + if (forward && ipforwarding > 0) { ip_forward(m, ifp, NULL, 1); return (1); } |