|
Lines 271-276
Link Here
|
| 271 |
struct pf_addr *); |
271 |
struct pf_addr *); |
| 272 |
static int pf_check_proto_cksum(struct mbuf *, int, int, |
272 |
static int pf_check_proto_cksum(struct mbuf *, int, int, |
| 273 |
u_int8_t, sa_family_t); |
273 |
u_int8_t, sa_family_t); |
|
|
274 |
static struct pf_divert *pf_get_divert(struct mbuf *); |
| 274 |
static void pf_print_state_parts(struct pf_state *, |
275 |
static void pf_print_state_parts(struct pf_state *, |
| 275 |
struct pf_state_key *, struct pf_state_key *); |
276 |
struct pf_state_key *, struct pf_state_key *); |
| 276 |
static int pf_addr_wrap_neq(struct pf_addr_wrap *, |
277 |
static int pf_addr_wrap_neq(struct pf_addr_wrap *, |
|
Lines 5619-5625
Link Here
|
| 5619 |
return (0); |
5620 |
return (0); |
| 5620 |
} |
5621 |
} |
| 5621 |
|
5622 |
|
|
|
5623 |
struct pf_divert * |
| 5624 |
pf_get_divert(struct mbuf *m) |
| 5625 |
{ |
| 5626 |
struct m_tag *mtag; |
| 5622 |
|
5627 |
|
|
|
5628 |
if ((mtag = m_tag_find(m, PACKET_TAG_PF_DIVERT, NULL)) == NULL) { |
| 5629 |
mtag = m_tag_get(PACKET_TAG_PF_DIVERT, sizeof(struct pf_divert), |
| 5630 |
M_NOWAIT); |
| 5631 |
if (mtag == NULL) |
| 5632 |
return (NULL); |
| 5633 |
bzero(mtag + 1, sizeof(struct pf_divert)); |
| 5634 |
m_tag_prepend(m, mtag); |
| 5635 |
} |
| 5636 |
|
| 5637 |
return ((struct pf_divert *)(mtag + 1)); |
| 5638 |
} |
| 5639 |
|
| 5623 |
#ifdef INET |
5640 |
#ifdef INET |
| 5624 |
int |
5641 |
int |
| 5625 |
pf_test(int dir, struct ifnet *ifp, struct mbuf **m0, struct inpcb *inp) |
5642 |
pf_test(int dir, struct ifnet *ifp, struct mbuf **m0, struct inpcb *inp) |
|
Lines 5904-5909
Link Here
|
| 5904 |
} |
5921 |
} |
| 5905 |
} |
5922 |
} |
| 5906 |
|
5923 |
|
|
|
5924 |
if (action == PF_PASS && r->divert.port && dir == PF_IN /*&& r->direction == PF_OUT*/ ) { |
| 5925 |
struct pf_divert *divert; |
| 5926 |
if ((divert = pf_get_divert(m))) { |
| 5927 |
m->m_flags |= M_FASTFWD_OURS; |
| 5928 |
divert->port = r->divert.port; |
| 5929 |
divert->addr.ipv4 = r->divert.addr.v4; |
| 5930 |
} |
| 5931 |
} |
| 5932 |
|
| 5907 |
if (log) { |
5933 |
if (log) { |
| 5908 |
struct pf_rule *lr; |
5934 |
struct pf_rule *lr; |
| 5909 |
|
5935 |
|
|
Lines 6275-6283
Link Here
|
| 6275 |
IN6_IS_ADDR_LOOPBACK(&pd.dst->v6)) |
6301 |
IN6_IS_ADDR_LOOPBACK(&pd.dst->v6)) |
| 6276 |
m->m_flags |= M_SKIP_FIREWALL; |
6302 |
m->m_flags |= M_SKIP_FIREWALL; |
| 6277 |
|
6303 |
|
| 6278 |
/* XXX: Anybody working on it?! */ |
6304 |
if (action == PF_PASS && r->divert.port && dir == PF_IN /*&& r->direction == PF_OUT*/) { |
| 6279 |
if (r->divert.port) |
6305 |
struct pf_divert *divert; |
| 6280 |
printf("pf: divert(9) is not supported for IPv6\n"); |
6306 |
if ((divert = pf_get_divert(m))) { |
|
|
6307 |
m->m_flags |= M_FASTFWD_OURS; |
| 6308 |
divert->port = r->divert.port; |
| 6309 |
divert->addr.ipv6 = r->divert.addr.v6; |
| 6310 |
} |
| 6311 |
} |
| 6281 |
|
6312 |
|
| 6282 |
if (log) { |
6313 |
if (log) { |
| 6283 |
struct pf_rule *lr; |
6314 |
struct pf_rule *lr; |