diff options
| author | rwatson <rwatson@FreeBSD.org> | 2007-10-28 17:12:48 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2007-10-28 17:12:48 +0000 |
| commit | 369fd04f480478bfb9d2cb1566ec0189185a020e (patch) | |
| tree | 538321b7fe182a0082beacd5d1ff13b9d63f3fca /sys/contrib/pf | |
| parent | 6b31aa449ccb86216e7b0fbfdaf1540f5cf34e82 (diff) | |
| download | FreeBSD-src-369fd04f480478bfb9d2cb1566ec0189185a020e.zip FreeBSD-src-369fd04f480478bfb9d2cb1566ec0189185a020e.tar.gz | |
Continue to move from generic network entry points in the TrustedBSD MAC
Framework by moving from mac_mbuf_create_netlayer() to more specific
entry points for specific network services:
- mac_netinet_firewall_reply() to be used when replying to in-bound TCP
segments in pf and ipfw (etc).
- Rename mac_netinet_icmp_reply() to mac_netinet_icmp_replyinplace() and
add mac_netinet_icmp_reply(), reflecting that in some cases we overwrite
a label in place, but in others we apply the label to a new mbuf.
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/contrib/pf')
| -rw-r--r-- | sys/contrib/pf/net/pf.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/contrib/pf/net/pf.c b/sys/contrib/pf/net/pf.c index c4c5892..b751f33 100644 --- a/sys/contrib/pf/net/pf.c +++ b/sys/contrib/pf/net/pf.c @@ -1818,7 +1818,7 @@ pf_send_tcp(const struct pf_rule *r, sa_family_t af, #ifdef __FreeBSD__ #ifdef MAC if (replyto) - mac_mbuf_create_netlayer(replyto, m); + mac_netinet_firewall_reply(replyto, m); else mac_netinet_firewall_send(m); #else |
