Bug in /usr/sbin/lfd sub connectiontracking

This forum is only for reproducible bugs with csf and lfd (i.e. not iptables problems, lack of understanding how to use a feature, etc). Posts must be accompanied with full technical details of the problem and how it can be recreated. Any posts not adhering to this, or not considered bugs, will be moved to the General Discussion (csf) forum.
Post Reply
vgstudios
Junior Member
Posts: 3
Joined: 21 Aug 2023, 16:19

Bug in /usr/sbin/lfd sub connectiontracking

Post by vgstudios »

Bug in /usr/sbin/lfd sub connectiontracking

The hex2ip function strips leading zeros.
However for the string passed to inet_ntoa it simply strips the double colons, forgetting about the leading zeros.

This e.g. results in wrong ipv4 address for ipv4 connections on tcp6 sockets.

Example that goes wrong:
"0000000000000000FFFF0000CE0ACB74" -> "0:0:0:0:0:ffff:74cb:ace" -> "7.76.186.206"
correct would have been "116.203.10.206"

You might also want to check if a similar bug is in other places in the code (I did not check that).

Edit: Same bug is in sub processtracking.
Top
ForumAdmin
Moderator
Posts: 1524
Joined: 01 Oct 2008, 09:24

Re: Bug in /usr/sbin/lfd sub connectiontracking

Post by ForumAdmin »

Thank you for discovering and reporting this. We'll have a fix out in a few minutes
Top
vgstudios
Junior Member
Posts: 3
Joined: 21 Aug 2023, 16:19

Re: Bug in /usr/sbin/lfd sub connectiontracking

Post by vgstudios »

Thank you very much for fixing it :-)
Top
Post Reply

Return to “Report Bugs (csf)”