Add hooks for an IP NAT module, much like the firewall stuff...

Move the sockopt definitions for the firewall code from ip_fw.h to in.h where it belongs.
author: sos <sos@FreeBSD.org> 1996-08-21 21:37:07 +0000
committer: sos <sos@FreeBSD.org> 1996-08-21 21:37:07 +0000
commit: 6fc54fe251487977f8ca4fe6fc5c87f29dc9a5a3 (patch)
tree: 1a5729bda0705ded4c0ab671ff54ccd91014adb1 /sys/netinet/ip_output.c
parent: 4eedb7433af834c9187bfa17388837c82bd98be1 (diff)
download: FreeBSD-src-6fc54fe251487977f8ca4fe6fc5c87f29dc9a5a3.zip
FreeBSD-src-6fc54fe251487977f8ca4fe6fc5c87f29dc9a5a3.tar.gz
1 files changed, 14 insertions, 1 deletions
diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c
index bb30a9f..8bdcabc 100644
--- a/sys/netinet/ip_output.c
+++ b/sys/netinet/ip_output.c
@@ -31,7 +31,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)ip_output.c	8.3 (Berkeley) 1/21/94
- *	$Id: ip_output.c,v 1.40 1996/06/08 08:18:59 bde Exp $
+ *	$Id: ip_output.c,v 1.41 1996/07/10 19:44:26 julian Exp $
  */
 
 #define _IP_VHL
@@ -331,6 +331,19 @@ ip_output(m0, opt, ro, flags, imo)
 	}
 
 sendit:
+        /*
+	 * IpHack's section.
+	 * - Xlate: translate packet's addr/port (NAT).
+	 * - Firewall: deny/allow
+	 * - Wrap: fake packet's addr/port <unimpl.>
+	 * - Encapsulate: put it in another IP and send out. <unimp.>
+	 */ 
+
+        if (ip_nat_ptr && !(*ip_nat_ptr)(&ip, &m, IP_NAT_OUT)) {
+		error = EACCES; 
+		goto done;
+	}
+
 #ifdef COMPAT_IPFW
 	/*
 	 * Check with the firewall...
author	sos <sos@FreeBSD.org>	1996-08-21 21:37:07 +0000
committer	sos <sos@FreeBSD.org>	1996-08-21 21:37:07 +0000
commit	6fc54fe251487977f8ca4fe6fc5c87f29dc9a5a3 (patch)
tree	1a5729bda0705ded4c0ab671ff54ccd91014adb1 /sys/netinet/ip_output.c
parent	4eedb7433af834c9187bfa17388837c82bd98be1 (diff)
download	FreeBSD-src-6fc54fe251487977f8ca4fe6fc5c87f29dc9a5a3.zip FreeBSD-src-6fc54fe251487977f8ca4fe6fc5c87f29dc9a5a3.tar.gz