]> git.ipfire.org Git - thirdparty/squid.git/commitdiff
Author: Brad Smith <brad@comstyle.com>
authorAmos Jeffries <squid3@treenet.co.nz>
Mon, 7 Jul 2008 04:58:26 +0000 (16:58 +1200)
committerAmos Jeffries <squid3@treenet.co.nz>
Mon, 7 Jul 2008 04:58:26 +0000 (16:58 +1200)
Bug 2396: Correct the opening of the PF device file.

The PF device file is supposed to be opened read-only as of quite a number of
releases ago.

src/IPInterception.cc

index c2e612cb4b3cd9faa28d9d0e615a6174a1cfc2fa..2533594115736eb2bf99046fc827feee49b753a8 100644 (file)
@@ -365,7 +365,7 @@ IPIntercept::NatLookup(int fd, const IPAddress &me, const IPAddress &peer, IPAdd
     if( !peer.IsIPv4() ) return -1;
 
     if (pffd < 0)
-        pffd = open("/dev/pf", O_RDWR);
+        pffd = open("/dev/pf", O_RDONLY);
 
     if (pffd < 0)
     {