diff options
author | luigi <luigi@FreeBSD.org> | 2001-09-27 23:44:27 +0000 |
---|---|---|
committer | luigi <luigi@FreeBSD.org> | 2001-09-27 23:44:27 +0000 |
commit | 0fb106cc3f40524759012ac12baf28dccec9e571 (patch) | |
tree | a41a22ccd419ef5d2a0238988e2c3fae83a51ade /sys/netinet/ip_input.c | |
parent | 2854bb2840809c802db31285bc55e9fc5e73ac20 (diff) | |
download | FreeBSD-src-0fb106cc3f40524759012ac12baf28dccec9e571.zip FreeBSD-src-0fb106cc3f40524759012ac12baf28dccec9e571.tar.gz |
Two main changes here:
+ implement "limit" rules, which permit to limit the number of sessions
between certain host pairs (according to masks). These are a special
type of stateful rules, which might be of interest in some cases.
See the ipfw manpage for details.
+ merge the list pointers and ipfw rule descriptors in the kernel, so
the code is smaller, faster and more readable. This patch basically
consists in replacing "foo->rule->bar" with "rule->bar" all over
the place.
I have been willing to do this for ages!
MFC after: 1 week
Diffstat (limited to 'sys/netinet/ip_input.c')
-rw-r--r-- | sys/netinet/ip_input.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index d80c7d4..9c0615b 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -280,7 +280,7 @@ ip_input(struct mbuf *m) #ifdef IPDIVERT u_int32_t divert_info = 0; /* packet divert/tee info */ #endif - struct ip_fw_chain *rule = NULL; + struct ip_fw *rule = NULL; #ifdef PFIL_HOOKS struct packet_filter_hook *pfh; struct mbuf *m0; @@ -302,7 +302,7 @@ ip_input(struct mbuf *m) * rule. */ if (m->m_type == MT_DUMMYNET) { - rule = (struct ip_fw_chain *)(m->m_data) ; + rule = (struct ip_fw *)(m->m_data) ; m = m->m_next ; ip = mtod(m, struct ip *); hlen = IP_VHL_HL(ip->ip_vhl) << 2; |