diff options
| -rw-r--r-- | sys/netinet/ip_fw2.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/sys/netinet/ip_fw2.c b/sys/netinet/ip_fw2.c index 2cb6c85..9a46ce7 100644 --- a/sys/netinet/ip_fw2.c +++ b/sys/netinet/ip_fw2.c @@ -2959,6 +2959,11 @@ check_ipfw_struct(struct ip_fw *rule, int size) goto bad_size; goto check_action; + case O_DIVERT: + case O_TEE: +#ifndef IPDIVERT + return EINVAL; +#endif case O_FORWARD_MAC: /* XXX not implemented yet */ case O_CHECK_STATE: case O_COUNT: @@ -2966,8 +2971,6 @@ check_ipfw_struct(struct ip_fw *rule, int size) case O_DENY: case O_REJECT: case O_SKIPTO: - case O_DIVERT: - case O_TEE: if (cmdlen != F_INSN_SIZE(ipfw_insn)) goto bad_size; check_action: |
