summaryrefslogtreecommitdiffstats
path: root/sys/net
diff options
context:
space:
mode:
Diffstat (limited to 'sys/net')
-rw-r--r--sys/net/if_bridge.c19
-rw-r--r--sys/net/if_ethersubr.c13
2 files changed, 16 insertions, 16 deletions
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c
index d0d2242..36fb9d8 100644
--- a/sys/net/if_bridge.c
+++ b/sys/net/if_bridge.c
@@ -3040,25 +3040,26 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
}
/* XXX this section is also in if_ethersubr.c */
- if (V_ip_fw_chk_ptr && pfil_ipfw != 0 && dir == PFIL_OUT && ifp != NULL) {
+ // XXX PFIL_OUT or DIR_OUT ?
+ if (V_ip_fw_chk_ptr && pfil_ipfw != 0 &&
+ dir == PFIL_OUT && ifp != NULL) {
struct m_tag *mtag;
error = -1;
- mtag = m_tag_find(*mp, PACKET_TAG_DUMMYNET, NULL);
+ /* fetch the start point from existing tags, if any */
+ mtag = m_tag_locate(*mp, MTAG_IPFW_RULE, 0, NULL);
if (mtag == NULL) {
- args.slot = 0;
+ args.rule.slot = 0;
} else {
struct dn_pkt_tag *dn_tag;
+ /* XXX can we free the tag after use ? */
mtag->m_tag_id = PACKET_TAG_NONE;
dn_tag = (struct dn_pkt_tag *)(mtag + 1);
- if (dn_tag->slot != 0 && V_fw_one_pass)
- /* packet already partially processed */
+ /* packet already partially processed ? */
+ if (dn_tag->rule.slot != 0 && V_fw_one_pass)
goto ipfwpass;
- args.slot = dn_tag->slot; /* next rule to use */
- args.chain_id = dn_tag->chain_id;
- args.rulenum = dn_tag->rulenum;
- args.rule_id = dn_tag->rule_id;
+ args.rule = dn_tag->rule;
}
args.m = *mp;
diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c
index 5fd53e8..7b32e5b 100644
--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@@ -469,21 +469,20 @@ ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, int shared)
struct ip_fw_args args;
struct m_tag *mtag;
- mtag = m_tag_find(*m0, PACKET_TAG_DUMMYNET, NULL);
+ /* fetch start point from rule, if any */
+ mtag = m_tag_locate(*m0, MTAG_IPFW_RULE, 0, NULL);
if (mtag == NULL) {
- args.slot = 0;
+ args.rule.slot = 0;
} else {
struct dn_pkt_tag *dn_tag;
+ /* XXX can we free it after use ? */
mtag->m_tag_id = PACKET_TAG_NONE;
dn_tag = (struct dn_pkt_tag *)(mtag + 1);
- if (dn_tag->slot != 0 && V_fw_one_pass)
+ if (dn_tag->rule.slot != 0 && V_fw_one_pass)
/* dummynet packet, already partially processed */
return (1);
- args.slot = dn_tag->slot; /* matching rule to restart */
- args.rulenum = dn_tag->rulenum;
- args.rule_id = dn_tag->rule_id;
- args.chain_id = dn_tag->chain_id;
+ args.rule = dn_tag->rule;
}
/*
OpenPOWER on IntegriCloud