Displaying 1 result from an estimated 1 matches for "prefix_to_netmask".
2009 Jun 07
2
[Bug 597] New: ip6tables connlimit - cannot set CIDR greater than 32 (includes fix)
...unioned, we're only initializing the most
significant 32 bits of the "v6_mask", but leaving the other 96 bits at zero
(zero-filling malloc assumed).
IPv4 Mask: FFFF FFFF (OK)
IPv6 Mask: FFFF FFFF 0000 0000 0000 0000 0000 0000 (PROBLEM)
This is the state of the mask BEFORE calling prefix_to_netmask(), which for
CIDRs greater than 32 will be shifting zero bits with zero bit fill - or in
other words, DOING NOTHING. Since these bits are already zero, we cannot match
them.
We should initialize the mask with this instead (as a "diff"):
- info->v4_mask = 0xFFFFFFFFUL;
+...