diff options
author | ae <ae@FreeBSD.org> | 2012-11-02 01:20:55 +0000 |
---|---|---|
committer | ae <ae@FreeBSD.org> | 2012-11-02 01:20:55 +0000 |
commit | 4354018055d167b2dd190c0ed81b74972a32fe2c (patch) | |
tree | 3080b551004723e63a6f3fe08ee72e510038fe57 /sys/netinet | |
parent | 99cf02c7fdbbd005e93ef256cbf128c446cd2ee8 (diff) | |
download | FreeBSD-src-4354018055d167b2dd190c0ed81b74972a32fe2c.zip FreeBSD-src-4354018055d167b2dd190c0ed81b74972a32fe2c.tar.gz |
Remove the recently added sysctl variable net.pfil.forward.
Instead, add protocol specific mbuf flags M_IP_NEXTHOP and
M_IP6_NEXTHOP. Use them to indicate that the mbuf's chain
contains the PACKET_TAG_IPFORWARD tag. And do a tag lookup
only when this flag is set.
Suggested by: andre
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/ip_fastfwd.c | 3 | ||||
-rw-r--r-- | sys/netinet/ip_input.c | 23 | ||||
-rw-r--r-- | sys/netinet/ip_output.c | 8 | ||||
-rw-r--r-- | sys/netinet/ip_var.h | 1 | ||||
-rw-r--r-- | sys/netinet/tcp_input.c | 5 | ||||
-rw-r--r-- | sys/netinet/udp_usrreq.c | 4 |
6 files changed, 22 insertions, 22 deletions
diff --git a/sys/netinet/ip_fastfwd.c b/sys/netinet/ip_fastfwd.c index 2ef163b..3a228ca 100644 --- a/sys/netinet/ip_fastfwd.c +++ b/sys/netinet/ip_fastfwd.c @@ -446,7 +446,7 @@ passin: /* * Destination address changed? */ - if (V_pfilforward != 0) + if (m->m_flags & M_IP_NEXTHOP) fwd_tag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL); if (odest.s_addr != dest.s_addr || fwd_tag != NULL) { /* @@ -469,6 +469,7 @@ forwardlocal: dest.s_addr = ((struct sockaddr_in *) (fwd_tag + 1))->sin_addr.s_addr; m_tag_delete(m, fwd_tag); + m->m_flags &= ~M_IP_NEXTHOP; } RTFREE(ro.ro_rt); if ((dst = ip_findroute(&ro, dest, m)) == NULL) diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index e0e98a2..033c03d 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -509,23 +509,22 @@ tooshort: dchg = (odst.s_addr != ip->ip_dst.s_addr); ifp = m->m_pkthdr.rcvif; - if (V_pfilforward == 0) - goto passin; - if (m->m_flags & M_FASTFWD_OURS) { m->m_flags &= ~M_FASTFWD_OURS; goto ours; } - if ((dchg = (m_tag_find(m, PACKET_TAG_IPFORWARD, NULL) != NULL)) != 0) { - /* - * Directly ship the packet on. This allows forwarding - * packets originally destined to us to some other directly - * connected host. - */ - ip_forward(m, dchg); - return; + if (m->m_flags & M_IP_NEXTHOP) { + dchg = (m_tag_find(m, PACKET_TAG_IPFORWARD, NULL) != NULL); + if (dchg != 0) { + /* + * Directly ship the packet on. This allows + * forwarding packets originally destined to us + * to some other directly connected host. + */ + ip_forward(m, 1); + return; + } } - passin: /* diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index 96faf47..40785bb 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -537,9 +537,6 @@ sendit: } } - if (V_pfilforward == 0) - goto passout; - /* See if local, if yes, send it to netisr with IP_FASTFWD_OURS. */ if (m->m_flags & M_FASTFWD_OURS) { if (m->m_pkthdr.rcvif == NULL) @@ -560,11 +557,12 @@ sendit: goto done; } /* Or forward to some other address? */ - fwd_tag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL); - if (fwd_tag) { + if ((m->m_flags & M_IP_NEXTHOP) && + (fwd_tag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL)) != NULL) { dst = (struct sockaddr_in *)&ro->ro_dst; bcopy((fwd_tag+1), dst, sizeof(struct sockaddr_in)); m->m_flags |= M_SKIP_FIREWALL; + m->m_flags &= ~M_IP_NEXTHOP; m_tag_delete(m, fwd_tag); if (ia != NULL) ifa_free(&ia->ia_ifa); diff --git a/sys/netinet/ip_var.h b/sys/netinet/ip_var.h index 6b2f86e..cc3eff8 100644 --- a/sys/netinet/ip_var.h +++ b/sys/netinet/ip_var.h @@ -163,6 +163,7 @@ void kmod_ipstat_dec(int statnum); * mbuf flag used by ip_fastfwd */ #define M_FASTFWD_OURS M_PROTO1 /* changed dst to local */ +#define M_IP_NEXTHOP M_PROTO2 /* explicit ip nexthop */ #ifdef __NO_STRICT_ALIGNMENT #define IP_HDR_ALIGNED_P(ip) 1 diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index ba642a6..a89257e 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -75,7 +75,6 @@ __FBSDID("$FreeBSD$"); #include <vm/uma.h> #include <net/if.h> -#include <net/pfil.h> #include <net/route.h> #include <net/vnet.h> @@ -781,7 +780,7 @@ findpcb: /* * Grab info from PACKET_TAG_IPFORWARD tag prepended to the chain. */ - if (V_pfilforward != 0) + if (m->m_flags & M_IP_NEXTHOP) fwd_tag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL); #ifdef INET6 @@ -810,6 +809,7 @@ findpcb: } /* Remove the tag from the packet. We don't need it anymore. */ m_tag_delete(m, fwd_tag); + m->m_flags &= ~M_IP_NEXTHOP; } else if (isipv6) { inp = in6_pcblookup_mbuf(&V_tcbinfo, &ip6->ip6_src, th->th_sport, &ip6->ip6_dst, th->th_dport, @@ -846,6 +846,7 @@ findpcb: } /* Remove the tag from the packet. We don't need it anymore. */ m_tag_delete(m, fwd_tag); + m->m_flags &= ~M_IP_NEXTHOP; } else inp = in_pcblookup_mbuf(&V_tcbinfo, ip->ip_src, th->th_sport, ip->ip_dst, th->th_dport, diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index cd08468..45e2693 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -65,7 +65,6 @@ __FBSDID("$FreeBSD$"); #include <vm/uma.h> #include <net/if.h> -#include <net/pfil.h> #include <net/route.h> #include <netinet/in.h> @@ -549,7 +548,7 @@ udp_input(struct mbuf *m, int off) /* * Grab info from PACKET_TAG_IPFORWARD tag prepended to the chain. */ - if (V_pfilforward != 0 && + if ((m->m_flags & M_IP_NEXTHOP) && (fwd_tag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL)) != NULL) { struct sockaddr_in *next_hop; @@ -575,6 +574,7 @@ udp_input(struct mbuf *m, int off) } /* Remove the tag from the packet. We don't need it anymore. */ m_tag_delete(m, fwd_tag); + m->m_flags &= ~M_IP_NEXTHOP; } else inp = in_pcblookup_mbuf(&V_udbinfo, ip->ip_src, uh->uh_sport, ip->ip_dst, uh->uh_dport, INPLOOKUP_WILDCARD | |