diff options
| author | ae <ae@FreeBSD.org> | 2011-09-15 12:28:17 +0000 |
|---|---|---|
| committer | ae <ae@FreeBSD.org> | 2011-09-15 12:28:17 +0000 |
| commit | ef85f238b076f52c5f4d9c3d53a572ed14612fe6 (patch) | |
| tree | ea8db0ab5404c97b7752f0849f1b9e592a441fd1 /sys/netgraph | |
| parent | cc85bd26ed5a93ccdce6c1804dde9cc6877263e0 (diff) | |
| download | FreeBSD-src-ef85f238b076f52c5f4d9c3d53a572ed14612fe6.zip FreeBSD-src-ef85f238b076f52c5f4d9c3d53a572ed14612fe6.tar.gz | |
Add IPv6 support to the ng_ipfw(4) [1]. Also add ifdefs to be able
build it with and without INET/INET6 support.
Submitted by: Alexander V. Chernikov <melifaro at yandex-team.ru> [1]
Tested by: Alexander V. Chernikov <melifaro at yandex-team.ru> [1]
Approved by: re (bz)
MFC after: 2 weeks
Diffstat (limited to 'sys/netgraph')
| -rw-r--r-- | sys/netgraph/ng_ipfw.c | 54 |
1 files changed, 42 insertions, 12 deletions
diff --git a/sys/netgraph/ng_ipfw.c b/sys/netgraph/ng_ipfw.c index 68bd89c..4f1bc0e 100644 --- a/sys/netgraph/ng_ipfw.c +++ b/sys/netgraph/ng_ipfw.c @@ -26,6 +26,9 @@ * $FreeBSD$ */ +#include "opt_inet.h" +#include "opt_inet6.h" + #include <sys/param.h> #include <sys/systm.h> #include <sys/kernel.h> @@ -47,6 +50,8 @@ #include <netinet/ip_fw.h> #include <netinet/ipfw/ip_fw_private.h> #include <netinet/ip.h> +#include <netinet/ip6.h> +#include <netinet6/ip6_var.h> #include <netgraph/ng_message.h> #include <netgraph/ng_parse.h> @@ -224,6 +229,7 @@ ng_ipfw_rcvdata(hook_p hook, item_p item) struct m_tag *tag; struct ipfw_rule_ref *r; struct mbuf *m; + struct ip *ip; NGI_GET_M(item, m); NG_FREE_ITEM(item); @@ -234,23 +240,47 @@ ng_ipfw_rcvdata(hook_p hook, item_p item) return (EINVAL); /* XXX: find smth better */ }; + if (m->m_len < sizeof(struct ip) && + (m = m_pullup(m, sizeof(struct ip))) == NULL) + return (EINVAL); + + ip = mtod(m, struct ip *); + r = (struct ipfw_rule_ref *)(tag + 1); if (r->info & IPFW_INFO_IN) { - ip_input(m); + switch (ip->ip_v) { +#ifdef INET + case IPVERSION: + ip_input(m); + break; +#endif +#ifdef INET6 + case IPV6_VERSION >> 4: + ip6_input(m); + break; +#endif + default: + NG_FREE_M(m); + return (EINVAL); + } return (0); } else { - struct ip *ip; - - if (m->m_len < sizeof(struct ip) && - (m = m_pullup(m, sizeof(struct ip))) == NULL) + switch (ip->ip_v) { +#ifdef INET + case IPVERSION: + SET_HOST_IPLEN(ip); + return (ip_output(m, NULL, NULL, IP_FORWARDING, + NULL, NULL)); +#endif +#ifdef INET6 + case IPV6_VERSION >> 4: + return (ip6_output(m, NULL, NULL, 0, NULL, + NULL, NULL)); +#endif + default: return (EINVAL); - - ip = mtod(m, struct ip *); - - SET_HOST_IPLEN(ip); - - return ip_output(m, NULL, NULL, IP_FORWARDING, NULL, NULL); - } + } + } } static int |
