diff options
author | sos <sos@FreeBSD.org> | 1996-08-21 21:37:07 +0000 |
---|---|---|
committer | sos <sos@FreeBSD.org> | 1996-08-21 21:37:07 +0000 |
commit | 6fc54fe251487977f8ca4fe6fc5c87f29dc9a5a3 (patch) | |
tree | 1a5729bda0705ded4c0ab671ff54ccd91014adb1 /sys/netinet/ip_output.c | |
parent | 4eedb7433af834c9187bfa17388837c82bd98be1 (diff) | |
download | FreeBSD-src-6fc54fe251487977f8ca4fe6fc5c87f29dc9a5a3.zip FreeBSD-src-6fc54fe251487977f8ca4fe6fc5c87f29dc9a5a3.tar.gz |
Add hooks for an IP NAT module, much like the firewall stuff...
Move the sockopt definitions for the firewall code from
ip_fw.h to in.h where it belongs.
Diffstat (limited to 'sys/netinet/ip_output.c')
-rw-r--r-- | sys/netinet/ip_output.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index bb30a9f..8bdcabc 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 - * $Id: ip_output.c,v 1.40 1996/06/08 08:18:59 bde Exp $ + * $Id: ip_output.c,v 1.41 1996/07/10 19:44:26 julian Exp $ */ #define _IP_VHL @@ -331,6 +331,19 @@ ip_output(m0, opt, ro, flags, imo) } sendit: + /* + * IpHack's section. + * - Xlate: translate packet's addr/port (NAT). + * - Firewall: deny/allow + * - Wrap: fake packet's addr/port <unimpl.> + * - Encapsulate: put it in another IP and send out. <unimp.> + */ + + if (ip_nat_ptr && !(*ip_nat_ptr)(&ip, &m, IP_NAT_OUT)) { + error = EACCES; + goto done; + } + #ifdef COMPAT_IPFW /* * Check with the firewall... |