From: Sepherosa Ziehau Date: Sat, 13 Sep 2008 07:15:14 +0000 (+0000) Subject: Add FW_MBUF_REDISPATCH, which should be set by various firewall code, X-Git-Tag: v2.1.1~427 X-Git-Url: https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff_plain/012d335df074789945987fb05a2935b34fe53061 Add FW_MBUF_REDISPATCH, which should be set by various firewall code, if ip fragments get reassembled. --- diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index 104548436d..83ea5c2dc6 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -65,7 +65,7 @@ * * @(#)ip_input.c 8.2 (Berkeley) 1/4/94 * $FreeBSD: src/sys/netinet/ip_input.c,v 1.130.2.52 2003/03/07 07:01:28 silby Exp $ - * $DragonFly: src/sys/netinet/ip_input.c,v 1.101 2008/09/13 05:49:08 sephe Exp $ + * $DragonFly: src/sys/netinet/ip_input.c,v 1.102 2008/09/13 07:15:14 sephe Exp $ */ #define _IP_VHL @@ -411,7 +411,7 @@ ip_input_handler(struct netmsg *msg0) #ifdef IPDIVERT static struct mbuf * -ip_divert_in(struct mbuf *m, int tee, boolean_t *needredispatch) +ip_divert_in(struct mbuf *m, int tee) { struct mbuf *clone = NULL; struct ip *ip = mtod(m, struct ip *); @@ -441,7 +441,8 @@ ip_divert_in(struct mbuf *m, int tee, boolean_t *needredispatch) return NULL; ip = mtod(m, struct ip *); - *needredispatch = TRUE; + /* Caller need to redispatch the packet, if it is for us */ + m->m_pkthdr.fw_flags |= FW_MBUF_REDISPATCH; /* * Get the header length of the reassembled @@ -724,7 +725,7 @@ iphack: case IP_FW_DIVERT: #ifdef IPDIVERT - m = ip_divert_in(m, tee, &needredispatch); + m = ip_divert_in(m, tee); if (m == NULL) return; ip = mtod(m, struct ip *); @@ -749,6 +750,10 @@ pass: ip_dn_queue(m); return; } + if (m->m_pkthdr.fw_flags & FW_MBUF_REDISPATCH) { + needredispatch = TRUE; + m->m_pkthdr.fw_flags &= ~FW_MBUF_REDISPATCH; + } /* * Process options and, if not destined for us, diff --git a/sys/sys/mbuf.h b/sys/sys/mbuf.h index 0288dd9763..1cf09417af 100644 --- a/sys/sys/mbuf.h +++ b/sys/sys/mbuf.h @@ -34,7 +34,7 @@ * * @(#)mbuf.h 8.5 (Berkeley) 2/19/95 * $FreeBSD: src/sys/sys/mbuf.h,v 1.44.2.17 2003/04/15 06:15:02 silby Exp $ - * $DragonFly: src/sys/sys/mbuf.h,v 1.52 2008/08/27 14:00:45 sephe Exp $ + * $DragonFly: src/sys/sys/mbuf.h,v 1.53 2008/09/13 07:15:14 sephe Exp $ */ #ifndef _SYS_MBUF_H_ @@ -248,6 +248,7 @@ struct mbuf { #define IPFORWARD_MBUF_TAGGED 0x00000040 #define DUMMYNET_MBUF_TAGGED 0x00000080 #define ALTQ_MBUF_STATE_HASHED 0x00000100 +#define FW_MBUF_REDISPATCH 0x00000200 #define PF_MBUF_GENERATED FW_MBUF_GENERATED #define IPFW_MBUF_GENERATED FW_MBUF_GENERATED