diff options
| author | glebius <glebius@FreeBSD.org> | 2012-10-06 10:02:11 +0000 |
|---|---|---|
| committer | glebius <glebius@FreeBSD.org> | 2012-10-06 10:02:11 +0000 |
| commit | f3a0231bff618f3752bf9f6827708edc3063f57d (patch) | |
| tree | 889546ddb486b4afbf10cf3344d3d84a4620dcb4 /sys/net/if_bridge.c | |
| parent | 30f3c300d8d28e84a49c574e8bd0db454de92910 (diff) | |
| download | FreeBSD-src-f3a0231bff618f3752bf9f6827708edc3063f57d.zip FreeBSD-src-f3a0231bff618f3752bf9f6827708edc3063f57d.tar.gz | |
A step in resolving mess with byte ordering for AF_INET. After this change:
- All packets in NETISR_IP queue are in net byte order.
- ip_input() is entered in net byte order and converts packet
to host byte order right _after_ processing pfil(9) hooks.
- ip_output() is entered in host byte order and converts packet
to net byte order right _before_ processing pfil(9) hooks.
- ip_fragment() accepts and emits packet in net byte order.
- ip_forward(), ip_mloopback() use host byte order (untouched actually).
- ip_fastforward() no longer modifies packet at all (except ip_ttl).
- Swapping of byte order there and back removed from the following modules:
pf(4), ipfw(4), enc(4), if_bridge(4).
- Swapping of byte order added to ipfilter(4), based on __FreeBSD_version
- __FreeBSD_version bumped.
- pfil(9) manual page updated.
Reviewed by: ray, luigi, eri, melifaro
Tested by: glebius (LE), ray (BE)
Diffstat (limited to 'sys/net/if_bridge.c')
| -rw-r--r-- | sys/net/if_bridge.c | 13 |
1 files changed, 1 insertions, 12 deletions
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c index 86f4525..5800831 100644 --- a/sys/net/if_bridge.c +++ b/sys/net/if_bridge.c @@ -3093,15 +3093,6 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir) switch (ether_type) { case ETHERTYPE_IP: /* - * before calling the firewall, swap fields the same as - * IP does. here we assume the header is contiguous - */ - ip = mtod(*mp, struct ip *); - - ip->ip_len = ntohs(ip->ip_len); - ip->ip_off = ntohs(ip->ip_off); - - /* * Run pfil on the member interface and the bridge, both can * be skipped by clearing pfil_member or pfil_bridge. * @@ -3139,7 +3130,7 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir) } } - /* Recalculate the ip checksum and restore byte ordering */ + /* Recalculate the ip checksum. */ ip = mtod(*mp, struct ip *); hlen = ip->ip_hl << 2; if (hlen < sizeof(struct ip)) @@ -3151,8 +3142,6 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir) if (ip == NULL) goto bad; } - ip->ip_len = htons(ip->ip_len); - ip->ip_off = htons(ip->ip_off); ip->ip_sum = 0; if (hlen == sizeof(struct ip)) ip->ip_sum = in_cksum_hdr(ip); |
