diff options
author | bz <bz@FreeBSD.org> | 2005-08-13 11:02:34 +0000 |
---|---|---|
committer | bz <bz@FreeBSD.org> | 2005-08-13 11:02:34 +0000 |
commit | 5434a588080f496f3f78c9b62fcc9bc2993449cb (patch) | |
tree | 6f00a69da3358c57d462226e8f8fb77137db166c /sys/netinet/ip_fw.h | |
parent | 810123c2f688458c9677d8cd08da90460f18926c (diff) | |
download | FreeBSD-src-5434a588080f496f3f78c9b62fcc9bc2993449cb.zip FreeBSD-src-5434a588080f496f3f78c9b62fcc9bc2993449cb.tar.gz |
* Add dynamic sysctl for net.inet6.ip6.fw.
* Correct handling of IPv6 Extension Headers.
* Add unreach6 code.
* Add logging for IPv6.
Submitted by: sysctl handling derived from patch from ume needed for ip6fw
Obtained from: is_icmp6_query and send_reject6 derived from similar
functions of netinet6,ip6fw
Reviewed by: ume, gnn; silence on ipfw@
Test setup provided by: CK Software GmbH
MFC after: 6 days
Diffstat (limited to 'sys/netinet/ip_fw.h')
-rw-r--r-- | sys/netinet/ip_fw.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/sys/netinet/ip_fw.h b/sys/netinet/ip_fw.h index 5c5fd6e..88c13bd 100644 --- a/sys/netinet/ip_fw.h +++ b/sys/netinet/ip_fw.h @@ -155,6 +155,8 @@ enum ipfw_opcodes { /* arguments (4 byte each) */ O_IP4, + O_UNREACH6, /* arg1=icmpv6 code arg (deny) */ + O_LAST_OPCODE /* not an opcode! */ }; @@ -167,6 +169,7 @@ enum ipfw_opcodes { /* arguments (4 byte each) */ #define EXT_ROUTING 0x4 #define EXT_AH 0x8 #define EXT_ESP 0x10 +#define EXT_DSTOPTS 0x20 /* * Template for instructions. @@ -403,6 +406,7 @@ struct ipfw_flow_id { struct in6_addr dst_ip6; /* could also store MAC addr! */ struct in6_addr src_ip6; u_int32_t flow_id6; + u_int32_t frag_id6; }; #define IS_IP6_FLOW_ID(id) ((id)->addr_type == 6) @@ -451,6 +455,7 @@ struct _ipfw_dyn_rule { #define IP_FW_TCPOPT_CC 0x10 #define ICMP_REJECT_RST 0x100 /* fake ICMP code (send a TCP RST) */ +#define ICMP6_UNREACH_RST 0x100 /* fake ICMPv6 code (send a TCP RST) */ /* * These are used for lookup tables. |