diff options
author | rwatson <rwatson@FreeBSD.org> | 2004-06-22 03:58:50 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2004-06-22 03:58:50 +0000 |
commit | 6381db6e63aed65766d472066a9f9bef48cd071a (patch) | |
tree | cdb4bea182e077a56ef23408b886db56ee1d33bc /sys/netinet | |
parent | 935a4c087eff72ce375c2da30819a666411f8ed0 (diff) | |
download | FreeBSD-src-6381db6e63aed65766d472066a9f9bef48cd071a.zip FreeBSD-src-6381db6e63aed65766d472066a9f9bef48cd071a.tar.gz |
Prefer use of the inpcb as a MAC label source for outgoing packets sent
via divert sockets, when available.
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/ip_divert.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/sys/netinet/ip_divert.c b/sys/netinet/ip_divert.c index f745fea..1f8bb48 100644 --- a/sys/netinet/ip_divert.c +++ b/sys/netinet/ip_divert.c @@ -262,12 +262,6 @@ div_output(struct socket *so, struct mbuf *m, KASSERT(m->m_pkthdr.rcvif == NULL, ("rcvif not null")); -#ifdef MAC - SOCK_LOCK(so); - mac_create_mbuf_from_socket(so, m); - SOCK_UNLOCK(so); -#endif - if (control) m_freem(control); /* XXX */ @@ -324,6 +318,9 @@ div_output(struct socket *so, struct mbuf *m, /* Send packet to output processing */ ipstat.ips_rawout++; /* XXX */ +#ifdef MAC + mac_create_mbuf_from_inpcb(inp, m); +#endif error = ip_output(m, inp->inp_options, NULL, (so->so_options & SO_DONTROUTE) | @@ -350,6 +347,11 @@ div_output(struct socket *so, struct mbuf *m, } m->m_pkthdr.rcvif = ifa->ifa_ifp; } +#ifdef MAC + SOCK_LOCK(so); + mac_create_mbuf_from_socket(so, m); + SOCK_UNLOCK(so); +#endif /* Send packet to input processing */ ip_input(m); } |