FreeBSD Bugzilla – Attachment 186898 Details for
Bug 222768
ipfw can't distinguish an inbound packets forwarded via if_bridge
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
patch
patch-ipfw (text/plain), 1.59 KB, created by
Alexander Zagrebin
on 2017-10-04 08:01:09 UTC
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Alexander Zagrebin
Created:
2017-10-04 08:01:09 UTC
Size:
1.59 KB
patch
obsolete
>--- ip_fw_private.h.orig 2017-07-06 22:56:37.107986503 +0300 >+++ ip_fw_private.h 2017-10-04 08:24:29.724189000 +0300 >@@ -82,6 +82,7 @@ > */ > struct ip_fw_args { > struct mbuf *m; /* the mbuf chain */ >+ struct ifnet *iif; /* intermediate interface */ > struct ifnet *oif; /* output interface */ > struct sockaddr_in *next_hop; /* forward address */ > struct sockaddr_in6 *next_hop6; /* ipv6 forward address */ > > >--- ip_fw_pfil.c.orig 2017-07-06 22:56:39.178985707 +0300 >+++ ip_fw_pfil.c 2017-10-04 08:43:16.598927000 +0300 >@@ -145,6 +145,7 @@ > } > > args.m = *m0; >+ args.iif = dir == DIR_IN && ifp != args.m->m_pkthdr.rcvif ? ifp : NULL; > args.oif = dir == DIR_OUT ? ifp : NULL; > args.inp = inp; > >@@ -341,6 +342,7 @@ > m_adj(m, ETHER_HDR_LEN); /* strip ethernet header */ > > args.m = m; /* the packet we are looking at */ >+ args.iif = dir == PFIL_IN && ifp != m->m_pkthdr.rcvif ? ifp : NULL; > args.oif = dir == PFIL_OUT ? ifp: NULL; /* destination, if any */ > args.next_hop = NULL; /* we do not support forward yet */ > args.next_hop6 = NULL; /* we do not support forward yet */ > > >--- ip_fw2.c.orig 2017-07-06 22:56:39.180986274 +0300 >+++ ip_fw2.c 2017-10-04 09:26:00.528889000 +0300 >@@ -914,6 +914,8 @@ > #endif > int ucred_lookup = 0; > >+ struct ifnet *iif = args->iif; >+ > /* > * oif | args->oif If NULL, ipfw_chk has been called on the > * inbound path (ether_input, ip_input). >@@ -1384,7 +1386,7 @@ > > case O_VIA: > match = iface_match(oif ? oif : >- m->m_pkthdr.rcvif, (ipfw_insn_if *)cmd, >+ iif ? iif : m->m_pkthdr.rcvif, (ipfw_insn_if *)cmd, > chain, &tablearg); > break; >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 222768
: 186898