1
0
Fork 0
mirror of https://github.com/M66B/NetGuard.git synced 2024-12-29 03:14:57 +00:00

Native port 0 is reserved and should not be used

This commit is contained in:
M66B 2016-02-06 09:12:24 +01:00
parent bfc6a509fb
commit e1f01dd803

View file

@ -1434,8 +1434,8 @@ void handle_ip(const struct arguments *args, const uint8_t *pkt, const size_t le
// Get ports & flags
int syn = 0;
int32_t sport = -1;
int32_t dport = -1;
uint16_t sport = 0;
uint16_t dport = 0;
if (protocol == IPPROTO_ICMP || protocol == IPPROTO_ICMPV6) {
struct icmp *icmp = (struct icmp *) payload;
@ -1492,11 +1492,11 @@ void handle_ip(const struct arguments *args, const uint8_t *pkt, const size_t le
saddr128[10] = (uint8_t) 0xFF;
saddr128[11] = (uint8_t) 0xFF;
memcpy(saddr128 + 12, saddr, 4);
uid = get_uid(protocol, 6, saddr128, (const uint16_t) sport, dump);
uid = get_uid(protocol, 6, saddr128, sport, dump);
}
if (uid < 0)
uid = get_uid(protocol, version, saddr, (const uint16_t) sport, dump);
uid = get_uid(protocol, version, saddr, sport, dump);
// Retry delay
if (uid < 0 && tries < UID_MAXTRY) {
@ -1527,7 +1527,7 @@ void handle_ip(const struct arguments *args, const uint8_t *pkt, const size_t le
if (protocol == IPPROTO_UDP && dport == 53)
allowed = 1; // allow DNS
else if (protocol == IPPROTO_UDP && has_udp_session(pkt, payload))
allowed = 1; // could be a lingering session
allowed = 1; // could be a lingering/blocked session
else if (protocol == IPPROTO_TCP && !syn)
allowed = 1; // assume session
else {
@ -1548,7 +1548,8 @@ void handle_ip(const struct arguments *args, const uint8_t *pkt, const size_t le
else {
if (protocol == IPPROTO_UDP)
block_udp(args, pkt, length, payload, uid);
log_android(ANDROID_LOG_INFO, "Address %s/%u syn %d not allowed", dest, dport, syn);
log_android(ANDROID_LOG_INFO, "Address v%d p%d %s/%u syn %d not allowed",
version, protocol, dest, dport, syn);
}
#ifdef PROFILE_EVENTS