9 files changed, 50 insertions, 47 deletions

diff --git a/sys/conf/NOTES b/sys/conf/NOTES
index 7642cc6..b03f49c 100644
--- a/sys/conf/NOTES
+++ b/sys/conf/NOTES
@@ -2,7 +2,7 @@
 # LINT -- config file for checking all the sources, tries to pull in
 #	as much of the source tree as it can.
 #
-#	$Id: LINT,v 1.434 1998/05/21 03:22:20 wpaul Exp $
+#	$Id: LINT,v 1.435 1998/05/30 18:28:12 phk Exp $
 #
 # NB: You probably don't want to try running a kernel built from this
 # file.  Instead, you should start from GENERIC, and add options from
@@ -433,6 +433,7 @@ options		IPFILTER		#kernel ipfilter support
 options		IPFILTER_LOG		#ipfilter logging
 #options	IPFILTER_LKM		#kernel support for ip_fil.o LKM
 options		TCPDEBUG
+#options	IPFW_DIVERT_OLDRESTART	# old (broken) divert/restart semantics
 
 
 #####################################################################
diff --git a/sys/conf/options b/sys/conf/options
index 4293ef4..eae6959 100644
--- a/sys/conf/options
+++ b/sys/conf/options
@@ -1,4 +1,4 @@
-#	$Id: options,v 1.74 1998/05/24 01:29:52 jkh Exp $
+#	$Id: options,v 1.75 1998/05/25 10:37:40 julian Exp $
 #
 #        On the handling of kernel options   
 # 
@@ -174,7 +174,7 @@ IPFIREWALL_VERBOSE	opt_ipfw.h
 IPFIREWALL_VERBOSE_LIMIT	opt_ipfw.h
 IPFIREWALL_DEFAULT_TO_ACCEPT	opt_ipfw.h
 #temp option to change ipfw/divert semantics. Should become standard.
-IPFW_DIVERT_RESTART	opt_ipfw.h
+IPFW_DIVERT_OLDRESTART	opt_ipfw.h
 IPX			opt_ipx.h
 IPXIP			opt_ipx.h
 IPTUNNEL		opt_ipx.h
diff --git a/sys/i386/conf/LINT b/sys/i386/conf/LINT
index 7642cc6..b03f49c 100644
--- a/sys/i386/conf/LINT
+++ b/sys/i386/conf/LINT
@@ -2,7 +2,7 @@
 # LINT -- config file for checking all the sources, tries to pull in
 #	as much of the source tree as it can.
 #
-#	$Id: LINT,v 1.434 1998/05/21 03:22:20 wpaul Exp $
+#	$Id: LINT,v 1.435 1998/05/30 18:28:12 phk Exp $
 #
 # NB: You probably don't want to try running a kernel built from this
 # file.  Instead, you should start from GENERIC, and add options from
@@ -433,6 +433,7 @@ options		IPFILTER		#kernel ipfilter support
 options		IPFILTER_LOG		#ipfilter logging
 #options	IPFILTER_LKM		#kernel support for ip_fil.o LKM
 options		TCPDEBUG
+#options	IPFW_DIVERT_OLDRESTART	# old (broken) divert/restart semantics
 
 
 #####################################################################
diff --git a/sys/i386/conf/NOTES b/sys/i386/conf/NOTES
index 7642cc6..b03f49c 100644
--- a/sys/i386/conf/NOTES
+++ b/sys/i386/conf/NOTES
@@ -2,7 +2,7 @@
 # LINT -- config file for checking all the sources, tries to pull in
 #	as much of the source tree as it can.
 #
-#	$Id: LINT,v 1.434 1998/05/21 03:22:20 wpaul Exp $
+#	$Id: LINT,v 1.435 1998/05/30 18:28:12 phk Exp $
 #
 # NB: You probably don't want to try running a kernel built from this
 # file.  Instead, you should start from GENERIC, and add options from
@@ -433,6 +433,7 @@ options		IPFILTER		#kernel ipfilter support
 options		IPFILTER_LOG		#ipfilter logging
 #options	IPFILTER_LKM		#kernel support for ip_fil.o LKM
 options		TCPDEBUG
+#options	IPFW_DIVERT_OLDRESTART	# old (broken) divert/restart semantics
 
 
 #####################################################################
diff --git a/sys/netinet/ip_divert.c b/sys/netinet/ip_divert.c
index 5410e8a..9b32f6d 100644
--- a/sys/netinet/ip_divert.c
+++ b/sys/netinet/ip_divert.c
@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$Id: ip_divert.c,v 1.25 1998/05/25 08:44:31 julian Exp $
+ *	$Id: ip_divert.c,v 1.26 1998/05/25 10:37:43 julian Exp $
  */
 
 #include "opt_inet.h"
@@ -82,7 +82,7 @@
 u_short ip_divert_port;
 
 /*
- * #ifndef IPFW_DIVERT_RESTART
+ * #ifdef IPFW_DIVERT_OLDRESTART
  * We set this value to a non-zero port number when we want the call to
  * ip_fw_chk() in ip_input() or ip_output() to ignore ``divert <port>''
  * chain entries. This is stored in host order.
@@ -98,13 +98,13 @@ u_short ip_divert_port;
  * 0 will restart processing at the beginning. 
  * #endif 
  */
-#ifndef IPFW_DIVERT_RESTART
+#ifdef IPFW_DIVERT_OLDRESTART
 u_short ip_divert_ignore;
 #else
 
 u_short ip_divert_in_cookie;
 u_short ip_divert_out_cookie;
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 
 /* Internal variables */
 
@@ -168,12 +168,12 @@ div_input(struct mbuf *m, int hlen)
 	ip = mtod(m, struct ip *);
 
 	/* Record divert port */
-#ifndef IPFW_DIVERT_RESTART
+#ifdef IPFW_DIVERT_OLDRESTART
 	divsrc.sin_port = htons(ip_divert_port);
 #else
 	divsrc.sin_port = ip_divert_in_cookie;
 	ip_divert_in_cookie = 0;
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 
 	/* Restore packet header fields */
 	ip->ip_len += hlen;
@@ -274,7 +274,7 @@ div_output(so, m, addr, control)
 		m_freem(control);		/* XXX */
 
 	/* Loopback avoidance */
-#ifndef IPFW_DIVERT_RESTART
+#ifdef IPFW_DIVERT_OLDRESTART
 	if (sin) {
 		ip_divert_ignore = ntohs(sin->sin_port);
 	} else {
@@ -286,7 +286,7 @@ div_output(so, m, addr, control)
 	} else {
 		ip_divert_out_cookie = 0;
 	}
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 
 	/* Reinject packet into the system as incoming or outgoing */
 	if (!sin || sin->sin_addr.s_addr == 0) {
@@ -344,19 +344,19 @@ div_output(so, m, addr, control)
 	}
 
 	/* Reset for next time (and other packets) */
-#ifndef IPFW_DIVERT_RESTART
+#ifdef IPFW_DIVERT_OLDRESTART
 	ip_divert_ignore = 0;
 #else
 	ip_divert_out_cookie = 0;
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 	return error;
 
 cantsend:
-#ifndef IPFW_DIVERT_RESTART
+#ifdef IPFW_DIVERT_OLDRESTART
 	ip_divert_ignore = 0;
 #else
 	ip_divert_out_cookie = 0;
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 	m_freem(m);
 	return error;
 }
diff --git a/sys/netinet/ip_fw.c b/sys/netinet/ip_fw.c
index 112d9ca..df5e2f8 100644
--- a/sys/netinet/ip_fw.c
+++ b/sys/netinet/ip_fw.c
@@ -12,7 +12,7 @@
  *
  * This software is provided ``AS IS'' without any warranties of any kind.
  *
- *	$Id: ip_fw.c,v 1.83 1998/05/19 14:04:29 dg Exp $
+ *	$Id: ip_fw.c,v 1.84 1998/05/25 10:37:44 julian Exp $
  */
 
 /*
@@ -103,13 +103,13 @@ static ip_fw_chk_t *old_chk_ptr;
 static ip_fw_ctl_t *old_ctl_ptr;
 #endif
 
-#ifndef IPFW_DIVERT_RESTART
+#ifdef IPFW_DIVERT_OLDRESTART
 static int	ip_fw_chk __P((struct ip **pip, int hlen,
 			struct ifnet *oif, int ignport, struct mbuf **m));
 #else
 static int	ip_fw_chk __P((struct ip **pip, int hlen,
 			struct ifnet *oif, int pastrule, struct mbuf **m));
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 static int	ip_fw_ctl __P((int stage, struct mbuf **mm));
 
 static char err_prefix[] = "ip_fw_ctl:";
@@ -386,7 +386,7 @@ ipfw_report(struct ip_fw *f, struct ip *ip,
  *	ip	Pointer to packet header (struct ip *)
  *	hlen	Packet header length
  *	oif	Outgoing interface, or NULL if packet is incoming
- * #ifndef IPFW_DIVERT_RESTART
+ * #ifdef IPFW_DIVERT_OLDRESTART
  *	ignport	Ignore all divert/tee rules to this port (if non-zero)
  * #else
  *	pastrule Skip up to the first rule past this rule number;
@@ -402,13 +402,13 @@ ipfw_report(struct ip_fw *f, struct ip *ip,
  */
 
 static int 
-#ifndef IPFW_DIVERT_RESTART
+#ifdef IPFW_DIVERT_OLDRESTART
 ip_fw_chk(struct ip **pip, int hlen,
 	struct ifnet *oif, int ignport, struct mbuf **m)
 #else
 ip_fw_chk(struct ip **pip, int hlen,
 	struct ifnet *oif, int pastrule, struct mbuf **m)
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 {
 	struct ip_fw_chain *chain;
 	struct ip_fw *rule = NULL;
@@ -419,11 +419,11 @@ ip_fw_chk(struct ip **pip, int hlen,
 
 	/*
 	 * Go down the chain, looking for enlightment
-	 * #ifdef IPFW_DIVERT_RESTART
+	 * #ifndef IPFW_DIVERT_OLDRESTART
 	 * If we've been asked to start at a given rule immediatly, do so.
 	 * #endif
 	 */
-#ifndef IPFW_DIVERT_RESTART
+#ifdef IPFW_DIVERT_OLDRESTART
 	for (chain=LIST_FIRST(&ip_fw_chain); chain; chain = LIST_NEXT(chain, chain)) {
 #else
 	chain=LIST_FIRST(&ip_fw_chain);
@@ -436,7 +436,7 @@ ip_fw_chk(struct ip **pip, int hlen,
 		if (! chain) goto dropit;
 	}
 	for (; chain; chain = LIST_NEXT(chain, chain)) {
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 		register struct ip_fw *const f = chain->rule;
 
 		if (oif) {
@@ -586,7 +586,7 @@ bogusfrag:
 		}
 
 got_match:
-#ifndef IPFW_DIVERT_RESTART
+#ifdef IPFW_DIVERT_OLDRESTART
 		/* Ignore divert/tee rule if socket port is "ignport" */
 		switch (f->fw_flg & IP_FW_F_COMMAND) {
 		case IP_FW_F_DIVERT:
@@ -596,7 +596,7 @@ got_match:
 			break;
 		}
 
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 		/* Update statistics */
 		f->fw_pcnt += 1;
 		f->fw_bcnt += ip->ip_len;
@@ -613,9 +613,9 @@ got_match:
 		case IP_FW_F_COUNT:
 			continue;
 		case IP_FW_F_DIVERT:
-#ifdef IPFW_DIVERT_RESTART
+#ifndef IPFW_DIVERT_OLDRESTART
 			ip_divert_in_cookie = f->fw_number;
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 			return(f->fw_divert_port);
 		case IP_FW_F_TEE:
 			/*
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index fe0b3a4..6280050 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -31,7 +31,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)ip_input.c	8.2 (Berkeley) 1/4/94
- * $Id: ip_input.c,v 1.84 1998/05/24 14:59:57 dg Exp $
+ * $Id: ip_input.c,v 1.85 1998/05/25 10:37:45 julian Exp $
  *	$ANA: ip_input.c,v 1.5 1996/09/18 14:34:59 wollman Exp $
  */
 
@@ -362,7 +362,7 @@ tooshort:
 #ifdef IPDIVERT
 		u_short port;
 
-#ifndef IPFW_DIVERT_RESTART
+#ifdef IPFW_DIVERT_OLDRESTART
 		port = (*ip_fw_chk_ptr)(&ip, hlen, NULL, ip_divert_ignore, &m);
 		ip_divert_ignore = 0;
 #else
@@ -370,7 +370,7 @@ tooshort:
 		port = (*ip_fw_chk_ptr)(&ip, hlen, NULL,
 					ip_divert_out_cookie, &m);
 		ip_divert_out_cookie = 0;
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 		if (port) {			/* Divert packet */
 			frag_divert_port = port;
 			goto ours;
@@ -682,9 +682,9 @@ ip_reass(ip, fp, where)
 		fp->ipq_dst = ((struct ip *)ip)->ip_dst;
 #ifdef IPDIVERT
 		fp->ipq_divert = 0;
-#ifdef IPFW_DIVERT_RESTART
+#ifndef IPFW_DIVERT_OLDRESTART
 		fp->ipq_div_cookie = 0;
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 #endif
 		q = (struct ipasfrag *)fp;
 		goto insert;
@@ -741,9 +741,9 @@ insert:
 	 */
 	if (frag_divert_port != 0) {
 		fp->ipq_divert = frag_divert_port;
-#ifdef IPFW_DIVERT_RESTART
+#ifndef IPFW_DIVERT_OLDRESTART
 		fp->ipq_div_cookie = ip_divert_in_cookie;
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 	}
 	frag_divert_port = 0;
 #endif
@@ -792,9 +792,9 @@ insert:
 	 * Record divert port for packet, if any
 	 */
 	frag_divert_port = fp->ipq_divert;
-#ifdef IPFW_DIVERT_RESTART
+#ifndef IPFW_DIVERT_OLDRESTART
 	ip_divert_in_cookie = fp->ipq_div_cookie;
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 #endif
 
 	/*
diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c
index da061bb..5089b5c 100644
--- a/sys/netinet/ip_output.c
+++ b/sys/netinet/ip_output.c
@@ -31,7 +31,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)ip_output.c	8.3 (Berkeley) 1/21/94
- *	$Id: ip_output.c,v 1.66 1998/03/21 11:34:20 peter Exp $
+ *	$Id: ip_output.c,v 1.67 1998/05/25 10:37:47 julian Exp $
  */
 
 #define _IP_VHL
@@ -371,7 +371,7 @@ sendit:
 	 */
 	if (ip_fw_chk_ptr) {
 #ifdef IPDIVERT
-#ifndef IPFW_DIVERT_RESTART
+#ifdef IPFW_DIVERT_OLDRESTART
 		ip_divert_port = (*ip_fw_chk_ptr)(&ip,
 		    hlen, ifp, ip_divert_ignore, &m);
 		ip_divert_ignore = 0;
@@ -380,7 +380,7 @@ sendit:
 		ip_divert_port = (*ip_fw_chk_ptr)(&ip,
 		    hlen, ifp, ip_divert_out_cookie, &m);
 		ip_divert_out_cookie = 0;
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 		if (ip_divert_port) {		/* Divert packet */
 			(*inetsw[ip_protox[IPPROTO_DIVERT]].pr_input)(m, 0);
 			goto done;
diff --git a/sys/netinet/ip_var.h b/sys/netinet/ip_var.h
index a0aaeef..ba3e8cc0 100644
--- a/sys/netinet/ip_var.h
+++ b/sys/netinet/ip_var.h
@@ -31,7 +31,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)ip_var.h	8.2 (Berkeley) 1/9/95
- *	$Id: ip_var.h,v 1.37 1998/05/19 15:53:50 pb Exp $
+ *	$Id: ip_var.h,v 1.38 1998/05/25 10:37:48 julian Exp $
  */
 
 #ifndef _NETINET_IP_VAR_H_
@@ -65,9 +65,9 @@ struct ipq {
 	struct	in_addr ipq_src,ipq_dst;
 #ifdef IPDIVERT
 	u_short ipq_divert;		/* divert protocol port */
-#ifdef IPFW_DIVERT_RESTART
+#ifndef IPFW_DIVERT_OLDRESTART
 	u_short ipq_div_cookie;		/* divert protocol cookie */
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 #endif
 };
 
@@ -210,13 +210,13 @@ void	div_init __P((void));
 void	div_input __P((struct mbuf *, int));
 extern struct pr_usrreqs div_usrreqs;
 extern u_short ip_divert_port;
-#ifndef IPFW_DIVERT_RESTART
+#ifdef IPFW_DIVERT_OLDRESTART
 extern u_short ip_divert_ignore;
 #else
 extern u_short ip_divert_in_cookie;
 extern u_short ip_divert_out_cookie;
 
-#endif /* IPFW_DIVERT_RESTART */
+#endif /* IPFW_DIVERT_OLDRESTART */
 #endif /* IPDIVERT */
 
 #endif /* KERNEL */