diff options
| author | luigi <luigi@FreeBSD.org> | 2001-02-02 00:18:00 +0000 |
|---|---|---|
| committer | luigi <luigi@FreeBSD.org> | 2001-02-02 00:18:00 +0000 |
| commit | afaf9310f9d53654b62eec6d1e161a930b48ec6c (patch) | |
| tree | 7883054a4e8cd6ddbdbfa3f02f94d51979d07a69 /sys/netinet/ip_input.c | |
| parent | e2f5e56cc5eb14305428986e66fcc781a0e712eb (diff) | |
| download | FreeBSD-src-afaf9310f9d53654b62eec6d1e161a930b48ec6c.zip FreeBSD-src-afaf9310f9d53654b62eec6d1e161a930b48ec6c.tar.gz | |
MFS: bridge/ipfw/dummynet fixes (bridge.c will be committed separately)
Diffstat (limited to 'sys/netinet/ip_input.c')
| -rw-r--r-- | sys/netinet/ip_input.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index 63e10c8..c73db86 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -419,8 +419,19 @@ iphack: */ i = (*ip_fw_chk_ptr)(&ip, hlen, NULL, &divert_cookie, &m, &rule, &ip_fw_fwd_addr); - if (m == NULL) /* Packet discarded by firewall */ - return; + if (i & IP_FW_PORT_DENY_FLAG) { /* XXX new interface-denied */ + if (m) + m_freem(m); + return ; + } + if (m == NULL) { /* Packet discarded by firewall */ + static int __debug=10; + if (__debug >0) { + printf("firewall returns NULL, please update!\n"); + __debug-- ; + } + return; + } if (i == 0 && ip_fw_fwd_addr == NULL) /* common case */ goto pass; #ifdef DUMMYNET |
