A step in resolving mess with byte ordering for AF_INET. After this change:

- All packets in NETISR_IP queue are in net byte order. - ip_input() is entered in net byte order and converts packet to host byte order right _after_ processing pfil(9) hooks. - ip_output() is entered in host byte order and converts packet to net byte order right _before_ processing pfil(9) hooks. - ip_fragment() accepts and emits packet in net byte order. - ip_forward(), ip_mloopback() use host byte order (untouched actually). - ip_fastforward() no longer modifies packet at all (except ip_ttl). - Swapping of byte order there and back removed from the following modules: pf(4), ipfw(4), enc(4), if_bridge(4). - Swapping of byte order added to ipfilter(4), based on __FreeBSD_version - __FreeBSD_version bumped. - pfil(9) manual page updated. Reviewed by: ray, luigi, eri, melifaro Tested by: glebius (LE), ray (BE)
author: glebius <glebius@FreeBSD.org> 2012-10-06 10:02:11 +0000
committer: glebius <glebius@FreeBSD.org> 2012-10-06 10:02:11 +0000
commit: f3a0231bff618f3752bf9f6827708edc3063f57d (patch)
tree: 889546ddb486b4afbf10cf3344d3d84a4620dcb4 /sys/netpfil
parent: 30f3c300d8d28e84a49c574e8bd0db454de92910 (diff)
download: FreeBSD-src-f3a0231bff618f3752bf9f6827708edc3063f57d.zip
FreeBSD-src-f3a0231bff618f3752bf9f6827708edc3063f57d.tar.gz
2 files changed, 6 insertions, 57 deletions
diff --git a/sys/netpfil/ipfw/ip_fw_pfil.c b/sys/netpfil/ipfw/ip_fw_pfil.c
index 4ab9316..b2494e5 100644
--- a/sys/netpfil/ipfw/ip_fw_pfil.c
+++ b/sys/netpfil/ipfw/ip_fw_pfil.c
@@ -125,10 +125,6 @@ ipfw_check_packet(void *arg, struct mbuf **m0, struct ifnet *ifp, int dir,
 	int ipfw;
 	int ret;
 
-	/* all the processing now uses ip_len in net format */
-	if (mtod(*m0, struct ip *)->ip_v == 4)
-		SET_NET_IPLEN(mtod(*m0, struct ip *));
-
 	/* convert dir to IPFW values */
 	dir = (dir == PFIL_IN) ? DIR_IN : DIR_OUT;
 	bzero(&args, sizeof(args));
@@ -288,8 +284,7 @@ again:
 			FREE_PKT(*m0);
 		*m0 = NULL;
 	}
-	if (*m0 && mtod(*m0, struct ip *)->ip_v == 4)
-		SET_HOST_IPLEN(mtod(*m0, struct ip *));
+
 	return ret;
 }
 
diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
index 4047df5..3037725 100644
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -3473,23 +3473,8 @@ static int
 pf_check_in(void *arg, struct mbuf **m, struct ifnet *ifp, int dir,
     struct inpcb *inp)
 {
-	/*
-	 * XXX Wed Jul 9 22:03:16 2003 UTC
-	 * OpenBSD has changed its byte ordering convention on ip_len/ip_off
-	 * in network stack. OpenBSD's network stack have converted
-	 * ip_len/ip_off to host byte order frist as FreeBSD.
-	 * Now this is not true anymore , so we should convert back to network
-	 * byte order.
-	 */
-	struct ip *h = NULL;
 	int chk;
 
-	if ((*m)->m_pkthdr.len >= (int)sizeof(struct ip)) {
-		/* if m_pkthdr.len is less than ip header, pf will handle. */
-		h = mtod(*m, struct ip *);
-		HTONS(h->ip_len);
-		HTONS(h->ip_off);
-	}
 	CURVNET_SET(ifp->if_vnet);
 	chk = pf_test(PF_IN, ifp, m, inp);
 	CURVNET_RESTORE();
@@ -3497,28 +3482,14 @@ pf_check_in(void *arg, struct mbuf **m, struct ifnet *ifp, int dir,
 		m_freem(*m);
 		*m = NULL;
 	}
-	if (*m != NULL) {
-		/* pf_test can change ip header location */
-		h = mtod(*m, struct ip *);
-		NTOHS(h->ip_len);
-		NTOHS(h->ip_off);
-	}
-	return chk;
+
+	return (chk);
 }
 
 static int
 pf_check_out(void *arg, struct mbuf **m, struct ifnet *ifp, int dir,
     struct inpcb *inp)
 {
-	/*
-	 * XXX Wed Jul 9 22:03:16 2003 UTC
-	 * OpenBSD has changed its byte ordering convention on ip_len/ip_off
-	 * in network stack. OpenBSD's network stack have converted
-	 * ip_len/ip_off to host byte order frist as FreeBSD.
-	 * Now this is not true anymore , so we should convert back to network
-	 * byte order.
-	 */
-	struct ip *h = NULL;
 	int chk;
 
 	/* We need a proper CSUM befor we start (s. OpenBSD ip_output) */
@@ -3526,12 +3497,7 @@ pf_check_out(void *arg, struct mbuf **m, struct ifnet *ifp, int dir,
 		in_delayed_cksum(*m);
 		(*m)->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA;
 	}
-	if ((*m)->m_pkthdr.len >= (int)sizeof(*h)) {
-		/* if m_pkthdr.len is less than ip header, pf will handle. */
-		h = mtod(*m, struct ip *);
-		HTONS(h->ip_len);
-		HTONS(h->ip_off);
-	}
+
 	CURVNET_SET(ifp->if_vnet);
 	chk = pf_test(PF_OUT, ifp, m, inp);
 	CURVNET_RESTORE();
@@ -3539,13 +3505,8 @@ pf_check_out(void *arg, struct mbuf **m, struct ifnet *ifp, int dir,
 		m_freem(*m);
 		*m = NULL;
 	}
-	if (*m != NULL) {
-		/* pf_test can change ip header location */
-		h = mtod(*m, struct ip *);
-		NTOHS(h->ip_len);
-		NTOHS(h->ip_off);
-	}
-	return chk;
+
+	return (chk);
 }
 #endif
 
@@ -3554,10 +3515,6 @@ static int
 pf_check6_in(void *arg, struct mbuf **m, struct ifnet *ifp, int dir,
     struct inpcb *inp)
 {
-
-	/*
-	 * IPv6 is not affected by ip_len/ip_off byte order changes.
-	 */
 	int chk;
 
 	/*
@@ -3579,9 +3536,6 @@ static int
 pf_check6_out(void *arg, struct mbuf **m, struct ifnet *ifp, int dir,
     struct inpcb *inp)
 {
-	/*
-	 * IPv6 does not affected ip_len/ip_off byte order changes.
-	 */
 	int chk;
 
 	/* We need a proper CSUM before we start (s. OpenBSD ip_output) */
author	glebius <glebius@FreeBSD.org>	2012-10-06 10:02:11 +0000
committer	glebius <glebius@FreeBSD.org>	2012-10-06 10:02:11 +0000
commit	f3a0231bff618f3752bf9f6827708edc3063f57d (patch)
tree	889546ddb486b4afbf10cf3344d3d84a4620dcb4 /sys/netpfil
parent	30f3c300d8d28e84a49c574e8bd0db454de92910 (diff)
download	FreeBSD-src-f3a0231bff618f3752bf9f6827708edc3063f57d.zip FreeBSD-src-f3a0231bff618f3752bf9f6827708edc3063f57d.tar.gz