diff options
author | brian <brian@FreeBSD.org> | 1997-02-02 16:33:12 +0000 |
---|---|---|
committer | brian <brian@FreeBSD.org> | 1997-02-02 16:33:12 +0000 |
commit | eada59b88e87dabb8beab546a26940053e20412c (patch) | |
tree | 3b22b36bda43c1116542d4ffb813de6522f42a08 /sys/netinet | |
parent | f96247a1302a72652b4c3f778b17e8f227d3e15f (diff) | |
download | FreeBSD-src-eada59b88e87dabb8beab546a26940053e20412c.zip FreeBSD-src-eada59b88e87dabb8beab546a26940053e20412c.tar.gz |
Reset ip_divert_ignore to zero immediately after use - also,
set it in the first place, independent of whether sin->sin_port
is set.
The result is that diverted packets that are being forwarded
will be diverted once and only once on the way in (ip_input())
and again, once and only once on the way out (ip_output()) -
twice in total. ICMP packets that don't contain a port will
now also be diverted.
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/ip_divert.c | 3 | ||||
-rw-r--r-- | sys/netinet/ip_input.c | 1 | ||||
-rw-r--r-- | sys/netinet/ip_output.c | 1 |
3 files changed, 3 insertions, 2 deletions
diff --git a/sys/netinet/ip_divert.c b/sys/netinet/ip_divert.c index c35b2ca..fc25b70 100644 --- a/sys/netinet/ip_divert.c +++ b/sys/netinet/ip_divert.c @@ -206,8 +206,7 @@ div_output(so, m, addr, control) sin = mtod(addr, struct sockaddr_in *); /* Loopback avoidance option */ - if (sin && sin->sin_port) - ip_divert_ignore = ntohs(inp->inp_lport); + ip_divert_ignore = ntohs(inp->inp_lport); /* Reinject packet into the system as incoming or outgoing */ if (!sin || sin->sin_addr.s_addr == 0) { diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index 48dfff1..a627f6d 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -320,6 +320,7 @@ tooshort: #ifdef IPDIVERT action = (*ip_fw_chk_ptr)(&ip, hlen, m->m_pkthdr.rcvif, ip_divert_ignore, &m); + ip_divert_ignore = 0; #else action = (*ip_fw_chk_ptr)(&ip, hlen, m->m_pkthdr.rcvif, 0, &m); #endif diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index e62bf6f..81358ba 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -355,6 +355,7 @@ sendit: #ifdef IPDIVERT action = (*ip_fw_chk_ptr)(&ip, hlen, ifp, (~0 << 16) | ip_divert_ignore, &m); + ip_divert_ignore = 0; #else action = (*ip_fw_chk_ptr)(&ip, hlen, ifp, (~0 << 16), &m); #endif |