diff options
author | glebius <glebius@FreeBSD.org> | 2012-10-06 10:02:11 +0000 |
---|---|---|
committer | glebius <glebius@FreeBSD.org> | 2012-10-06 10:02:11 +0000 |
commit | f3a0231bff618f3752bf9f6827708edc3063f57d (patch) | |
tree | 889546ddb486b4afbf10cf3344d3d84a4620dcb4 /sys/netpfil/ipfw | |
parent | 30f3c300d8d28e84a49c574e8bd0db454de92910 (diff) | |
download | FreeBSD-src-f3a0231bff618f3752bf9f6827708edc3063f57d.zip FreeBSD-src-f3a0231bff618f3752bf9f6827708edc3063f57d.tar.gz |
A step in resolving mess with byte ordering for AF_INET. After this change:
- All packets in NETISR_IP queue are in net byte order.
- ip_input() is entered in net byte order and converts packet
to host byte order right _after_ processing pfil(9) hooks.
- ip_output() is entered in host byte order and converts packet
to net byte order right _before_ processing pfil(9) hooks.
- ip_fragment() accepts and emits packet in net byte order.
- ip_forward(), ip_mloopback() use host byte order (untouched actually).
- ip_fastforward() no longer modifies packet at all (except ip_ttl).
- Swapping of byte order there and back removed from the following modules:
pf(4), ipfw(4), enc(4), if_bridge(4).
- Swapping of byte order added to ipfilter(4), based on __FreeBSD_version
- __FreeBSD_version bumped.
- pfil(9) manual page updated.
Reviewed by: ray, luigi, eri, melifaro
Tested by: glebius (LE), ray (BE)
Diffstat (limited to 'sys/netpfil/ipfw')
-rw-r--r-- | sys/netpfil/ipfw/ip_fw_pfil.c | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/sys/netpfil/ipfw/ip_fw_pfil.c b/sys/netpfil/ipfw/ip_fw_pfil.c index 4ab9316..b2494e5 100644 --- a/sys/netpfil/ipfw/ip_fw_pfil.c +++ b/sys/netpfil/ipfw/ip_fw_pfil.c @@ -125,10 +125,6 @@ ipfw_check_packet(void *arg, struct mbuf **m0, struct ifnet *ifp, int dir, int ipfw; int ret; - /* all the processing now uses ip_len in net format */ - if (mtod(*m0, struct ip *)->ip_v == 4) - SET_NET_IPLEN(mtod(*m0, struct ip *)); - /* convert dir to IPFW values */ dir = (dir == PFIL_IN) ? DIR_IN : DIR_OUT; bzero(&args, sizeof(args)); @@ -288,8 +284,7 @@ again: FREE_PKT(*m0); *m0 = NULL; } - if (*m0 && mtod(*m0, struct ip *)->ip_v == 4) - SET_HOST_IPLEN(mtod(*m0, struct ip *)); + return ret; } |