[ipfw] Unbreak lookup src/dst-ip
ClosedPublic
Actions

Authored by lytboris_gmail.com on Nov 15 2025, 6:39 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Mon, Jan 12, 10:35 AM

	Unknown Object (File)
	Sat, Jan 10, 1:54 PM

	Unknown Object (File)
	Dec 16 2025, 1:54 AM

	Unknown Object (File)
	Dec 14 2025, 9:08 PM

	Unknown Object (File)
	Dec 9 2025, 6:07 PM

	Unknown Object (File)
	Dec 4 2025, 6:53 AM

	Unknown Object (File)
	Dec 3 2025, 7:08 AM

	Unknown Object (File)
	Nov 18 2025, 5:50 PM

Subscribers

vegeta_tuxpowered.net

Details

Reviewers

melifaro

Commits

rGff3c48a64fe2: ipfw: fix lookup dst-ip opcode
rG8012c61bef3b: ipfw: fix lookup dst-ip opcode

Summary

There's a fallthough bug in a switch statement for lookup opcode caused by an extra else statement: legitimate IPv4 and IPv6 packets fall through to LOOKUP_DSCP case while they must exit switch.

Test Plan

Create rules

ipfw table mytable create type addr
ipfw table mytable add 192.168.0.0/16 # put your source address here
ipfw add count ip from any to any lookup src-ip mytable

Observe packets matching the rule