diff options
| author |   Odd Stranne <odd@mullvad.net> | 2019-05-16 14:05:45 +0200 |
|---|---|---|
| committer |   Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-16 14:11:53 +0200 |
| commit | ac2b1c55039bc17023c0bc298f34a476e5186986 (patch) | |
| tree | ef89d08250f628ef64cdd2eb17008b0634caf40c | |
| parent | service: token elevation stuff is upstream (diff) | |
| download | wireguard-windows-ac2b1c55039bc17023c0bc298f34a476e5186986.tar.xz wireguard-windows-ac2b1c55039bc17023c0bc298f34a476e5186986.zip | |
firewall: correct protocol condition in NDP filters
Signed-off-by: Odd Stranne <odd@mullvad.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| -rw-r--r-- | service/firewall/rules.go | 10 | ||||
| -rw-r--r-- | service/firewall/types_windows.go | 7 |
2 files changed, 9 insertions, 8 deletions
diff --git a/service/firewall/rules.go b/service/firewall/rules.go index 7fc5bef4..c2ba4b28 100644 --- a/service/firewall/rules.go +++ b/service/firewall/rules.go @@ -611,7 +611,7 @@ func permitNdp(session uintptr, baseObjects *baseObjects, weight uint8) error { conditions[0].fieldKey = cFWPM_CONDITION_IP_PROTOCOL conditions[0].matchType = cFWP_MATCH_EQUAL conditions[0].conditionValue._type = cFWP_UINT8 - conditions[0].conditionValue.value = uintptr(cIPPROTO_ICMP) + conditions[0].conditionValue.value = uintptr(cIPPROTO_ICMPV6) conditions[1].fieldKey = cFWPM_CONDITION_ICMP_TYPE conditions[1].matchType = cFWP_MATCH_EQUAL @@ -650,7 +650,7 @@ func permitNdp(session uintptr, baseObjects *baseObjects, weight uint8) error { conditions[0].fieldKey = cFWPM_CONDITION_IP_PROTOCOL conditions[0].matchType = cFWP_MATCH_EQUAL conditions[0].conditionValue._type = cFWP_UINT8 - conditions[0].conditionValue.value = uintptr(cIPPROTO_ICMP) + conditions[0].conditionValue.value = uintptr(cIPPROTO_ICMPV6) conditions[1].fieldKey = cFWPM_CONDITION_ICMP_TYPE conditions[1].matchType = cFWP_MATCH_EQUAL @@ -689,7 +689,7 @@ func permitNdp(session uintptr, baseObjects *baseObjects, weight uint8) error { conditions[0].fieldKey = cFWPM_CONDITION_IP_PROTOCOL conditions[0].matchType = cFWP_MATCH_EQUAL conditions[0].conditionValue._type = cFWP_UINT8 - conditions[0].conditionValue.value = uintptr(cIPPROTO_ICMP) + conditions[0].conditionValue.value = uintptr(cIPPROTO_ICMPV6) conditions[1].fieldKey = cFWPM_CONDITION_ICMP_TYPE conditions[1].matchType = cFWP_MATCH_EQUAL @@ -729,7 +729,7 @@ func permitNdp(session uintptr, baseObjects *baseObjects, weight uint8) error { conditions[0].fieldKey = cFWPM_CONDITION_IP_PROTOCOL conditions[0].matchType = cFWP_MATCH_EQUAL conditions[0].conditionValue._type = cFWP_UINT8 - conditions[0].conditionValue.value = uintptr(cIPPROTO_ICMP) + conditions[0].conditionValue.value = uintptr(cIPPROTO_ICMPV6) conditions[1].fieldKey = cFWPM_CONDITION_ICMP_TYPE conditions[1].matchType = cFWP_MATCH_EQUAL @@ -769,7 +769,7 @@ func permitNdp(session uintptr, baseObjects *baseObjects, weight uint8) error { conditions[0].fieldKey = cFWPM_CONDITION_IP_PROTOCOL conditions[0].matchType = cFWP_MATCH_EQUAL conditions[0].conditionValue._type = cFWP_UINT8 - conditions[0].conditionValue.value = uintptr(cIPPROTO_ICMP) + conditions[0].conditionValue.value = uintptr(cIPPROTO_ICMPV6) conditions[1].fieldKey = cFWPM_CONDITION_ICMP_TYPE conditions[1].matchType = cFWP_MATCH_EQUAL diff --git a/service/firewall/types_windows.go b/service/firewall/types_windows.go index 9aa5ccce..e06f7d2b 100644 --- a/service/firewall/types_windows.go +++ b/service/firewall/types_windows.go @@ -410,7 +410,8 @@ const ( type wtIPProto uint32 const ( - cIPPROTO_ICMP wtIPProto = 1 - cIPPROTO_TCP wtIPProto = 6 - cIPPROTO_UDP wtIPProto = 17 + cIPPROTO_ICMP wtIPProto = 1 + cIPPROTO_ICMPV6 wtIPProto = 58 + cIPPROTO_TCP wtIPProto = 6 + cIPPROTO_UDP wtIPProto = 17 ) |