diff options
| author | bz <bz@FreeBSD.org> | 2011-06-08 03:02:11 +0000 |
|---|---|---|
| committer | bz <bz@FreeBSD.org> | 2011-06-08 03:02:11 +0000 |
| commit | b4b3d062cdd5a507afb962caa1fdd9a3d78abf9c (patch) | |
| tree | f130c445e2148ddf5c6984bab668a12aa338b0e3 /sys/netinet6/ip6_ipsec.c | |
| parent | b13895d9ea55e6897b9b5fdd46be2f9bff544d0b (diff) | |
| download | FreeBSD-src-b4b3d062cdd5a507afb962caa1fdd9a3d78abf9c.zip FreeBSD-src-b4b3d062cdd5a507afb962caa1fdd9a3d78abf9c.tar.gz | |
Correct comments and debug logging in ipsec to better match reality.
MFC after: 3 days
Diffstat (limited to 'sys/netinet6/ip6_ipsec.c')
| -rw-r--r-- | sys/netinet6/ip6_ipsec.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/sys/netinet6/ip6_ipsec.c b/sys/netinet6/ip6_ipsec.c index 8731e12..bbbc9c9 100644 --- a/sys/netinet6/ip6_ipsec.c +++ b/sys/netinet6/ip6_ipsec.c @@ -97,7 +97,7 @@ SYSCTL_VNET_INT(_net_inet6_ipsec6, OID_AUTO, /* * Check if we have to jump over firewall processing for this packet. - * Called from ip_input(). + * Called from ip6_input(). * 1 = jump over firewall, 0 = packet goes through firewall. */ int @@ -106,7 +106,7 @@ ip6_ipsec_filtertunnel(struct mbuf *m) #if defined(IPSEC) /* - * Bypass packet filtering for packets from a tunnel. + * Bypass packet filtering for packets previously handled by IPsec. */ if (!V_ip6_ipsec6_filtertunnel && m_tag_find(m, PACKET_TAG_IPSEC_IN_DONE, NULL) != NULL) @@ -118,7 +118,7 @@ ip6_ipsec_filtertunnel(struct mbuf *m) /* * Check if this packet has an active SA and needs to be dropped instead * of forwarded. - * Called from ip_input(). + * Called from ip6_input(). * 1 = drop packet, 0 = forward packet. */ int @@ -141,7 +141,7 @@ ip6_ipsec_fwd(struct mbuf *m) if (sp == NULL) { /* NB: can happen if error */ splx(s); /*XXX error stat???*/ - DPRINTF(("ip_input: no SP for forwarding\n")); /*XXX*/ + DPRINTF(("%s: no SP for forwarding\n", __func__)); /*XXX*/ return 1; } @@ -163,7 +163,7 @@ ip6_ipsec_fwd(struct mbuf *m) * Check if protocol type doesn't have a further header and do IPSEC * decryption or reject right now. Protocols with further headers get * their IPSEC treatment within the protocol specific processing. - * Called from ip_input(). + * Called from ip6_input(). * 1 = drop packet, 0 = continue processing packet. */ int @@ -206,7 +206,7 @@ ip6_ipsec_input(struct mbuf *m, int nxt) } else { /* XXX error stat??? */ error = EINVAL; - DPRINTF(("ip_input: no SP, packet discarded\n"));/*XXX*/ + DPRINTF(("%s: no SP, packet discarded\n", __func__));/*XXX*/ return 1; } splx(s); |
