diff options
author | phk <phk@FreeBSD.org> | 1996-02-23 15:47:58 +0000 |
---|---|---|
committer | phk <phk@FreeBSD.org> | 1996-02-23 15:47:58 +0000 |
commit | 37d6472c4f2c7b8e39635fc5494ab71a47e41caa (patch) | |
tree | 97c7360219d204b89bc15ace01e53279c1509f40 /sys/netinet/raw_ip.c | |
parent | 8b3d623d7962824ee462d964e5374d96532e5807 (diff) | |
download | FreeBSD-src-37d6472c4f2c7b8e39635fc5494ab71a47e41caa.zip FreeBSD-src-37d6472c4f2c7b8e39635fc5494ab71a47e41caa.tar.gz |
Big sweep over the IPFIREWALL and IPACCT code.
Close the ip-fragment hole.
Waste less memory.
Rewrite to contemporary more readable style.
Kill separate IPACCT facility, use "accept" rules in IPFIREWALL.
Filter incoming >and< outgoing packets.
Replace "policy" by sticky "deny all" rule.
Rules have numbers used for ordering and deletion.
Remove "rerorder" code entirely.
Count packet & bytecount matches for rules.
Code in -current & -stable is now the same.
Diffstat (limited to 'sys/netinet/raw_ip.c')
-rw-r--r-- | sys/netinet/raw_ip.c | 24 |
1 files changed, 2 insertions, 22 deletions
diff --git a/sys/netinet/raw_ip.c b/sys/netinet/raw_ip.c index 97c48e0..4d9916d 100644 --- a/sys/netinet/raw_ip.c +++ b/sys/netinet/raw_ip.c @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)raw_ip.c 8.7 (Berkeley) 5/15/95 - * $Id: raw_ip.c,v 1.24 1995/11/14 20:34:23 phk Exp $ + * $Id: raw_ip.c,v 1.25 1995/12/09 20:43:53 phk Exp $ */ #include <sys/param.h> @@ -221,7 +221,7 @@ rip_ctloutput(op, so, level, optname, m) case IP_FW_ADD: case IP_FW_DEL: case IP_FW_FLUSH: - case IP_FW_POLICY: + case IP_FW_ZERO: if (ip_fw_ctl_ptr==NULL) { if (*m) (void)m_free(*m); @@ -237,26 +237,6 @@ rip_ctloutput(op, so, level, optname, m) error=EINVAL; return(error); - case IP_ACCT_DEL: - case IP_ACCT_ADD: - case IP_ACCT_CLR: - case IP_ACCT_FLUSH: - case IP_ACCT_ZERO: - if (ip_acct_ctl_ptr==NULL) { - if (*m) - (void)m_free(*m); - return(EINVAL); - } - - if (op == PRCO_SETOPT) { - error=(*ip_acct_ctl_ptr)(optname, *m); - if (*m) - (void)m_free(*m); - } - else - error=EINVAL; - return(error); - case IP_RSVP_ON: return ip_rsvp_init(so); break; |