summaryrefslogtreecommitdiffstats
path: root/sys/netinet
diff options
context:
space:
mode:
Diffstat (limited to 'sys/netinet')
-rw-r--r--sys/netinet/ip_fw.h2
-rw-r--r--sys/netinet/ip_fw2.c30
2 files changed, 25 insertions, 7 deletions
diff --git a/sys/netinet/ip_fw.h b/sys/netinet/ip_fw.h
index 14ca1d5..086ce8e 100644
--- a/sys/netinet/ip_fw.h
+++ b/sys/netinet/ip_fw.h
@@ -521,6 +521,8 @@ struct ip_fw_args {
struct inpcb *inp;
struct _ip6dn_args dummypar; /* dummynet->ip6_output */
+ struct sockaddr_in hopstore; /* store here if cannot use a pointer */
+
};
/*
diff --git a/sys/netinet/ip_fw2.c b/sys/netinet/ip_fw2.c
index e9b24df..47fc7f6 100644
--- a/sys/netinet/ip_fw2.c
+++ b/sys/netinet/ip_fw2.c
@@ -738,7 +738,7 @@ static u_int64_t norule_counter; /* counter for ipfw_log(NULL...) */
*/
static void
ipfw_log(struct ip_fw *f, u_int hlen, struct ip_fw_args *args,
- struct mbuf *m, struct ifnet *oif, u_short offset)
+ struct mbuf *m, struct ifnet *oif, u_short offset, uint32_t tablearg)
{
struct ether_header *eh = args->eh;
char *action;
@@ -831,9 +831,15 @@ ipfw_log(struct ip_fw *f, u_int hlen, struct ip_fw_args *args,
case O_FORWARD_IP: {
ipfw_insn_sa *sa = (ipfw_insn_sa *)cmd;
int len;
+ struct in_addr dummyaddr;
+ if (sa->sa.sin_addr.s_addr == INADDR_ANY)
+ dummyaddr.s_addr = htonl(tablearg);
+ else
+ dummyaddr.s_addr = sa->sa.sin_addr.s_addr;
len = snprintf(SNPARGS(action2, 0), "Forward to %s",
- inet_ntoa(sa->sa.sin_addr));
+ inet_ntoa(dummyaddr));
+
if (sa->sa.sin_port)
snprintf(SNPARGS(action2, len), ":%d",
sa->sa.sin_port);
@@ -2785,7 +2791,7 @@ check_body:
case O_LOG:
if (fw_verbose)
- ipfw_log(f, hlen, args, m, oif, offset);
+ ipfw_log(f, hlen, args, m, oif, offset, tablearg);
match = 1;
break;
@@ -3141,13 +3147,23 @@ check_body:
retval = IP_FW_DENY;
goto done;
- case O_FORWARD_IP:
+ case O_FORWARD_IP: {
+ struct sockaddr_in *sa;
+ sa = &(((ipfw_insn_sa *)cmd)->sa);
if (args->eh) /* not valid on layer2 pkts */
break;
- if (!q || dyn_dir == MATCH_FORWARD)
- args->next_hop =
- &((ipfw_insn_sa *)cmd)->sa;
+ if (!q || dyn_dir == MATCH_FORWARD) {
+ if (sa->sin_addr.s_addr == INADDR_ANY) {
+ bcopy(sa, &args->hopstore,
+ sizeof(*sa));
+ args->hopstore.sin_addr.s_addr = htonl(tablearg);
+ args->next_hop = &args->hopstore;
+ } else {
+ args->next_hop = sa;
+ }
+ }
retval = IP_FW_PASS;
+ }
goto done;
case O_NETGRAPH:
OpenPOWER on IntegriCloud