On Fri, Aug 05, 2005 at 03:06:19PM +0400, Boris Polevoy wrote:
> In step 2 ioctl(DIOCADDADDR) do not check pool ticket value, and there is
> possible situation of malicious or failure
> address pool addition whithout geting pool ticket from another process.
>
> Is it bug or not?
Yes, I think it
Hello, All!
I found some possible problem in funcion pf_ioctl.c/pfioctl() in FreeBSD
5.4-RELEASE PF.
To add PF rdr (nat) rule in active ruleset we have to do several steps:
1) get pool ticket with ioctl(DIOCBEGINADDRS);
2) create addresses pool with several ioctl(DIOCADDADDR);
3) get ticket for
