diff options
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/ip_fastfwd.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/sys/netinet/ip_fastfwd.c b/sys/netinet/ip_fastfwd.c index 46cb504..2b81b6a 100644 --- a/sys/netinet/ip_fastfwd.c +++ b/sys/netinet/ip_fastfwd.c @@ -36,8 +36,10 @@ * driver calls ip_fastforward, we do our routing table lookup and directly * send it off to the outgoing interface which DMAs the packet to the * network card. The only part of the packet we touch with the CPU is the - * IP header. We are essentially limited by bus bandwidth and how fast the - * network card/driver can set up receives and transmits. + * IP header (unless there are complex firewall rules touching other parts + * of the packet, but that is up to you). We are essentially limited by bus + * bandwidth and how fast the network card/driver can set up receives and + * transmits. * * We handle basic errors, ip header errors, checksum errors, * destination unreachable, fragmentation and fragmentation needed and @@ -344,7 +346,6 @@ fallback: if (fw_enable && IPFW_LOADED) { bzero(&args, sizeof(args)); args.m = m; - ipfw = 0; ipfw = ip_fw_chk_ptr(&args); m = args.m; @@ -528,10 +529,9 @@ passin: dest = ip->ip_dst.s_addr; #endif if (fw_enable && IPFW_LOADED && !args.next_hop) { - bzero(&args, sizeof(args)); + bzero(&args, sizeof(args)); args.m = m; args.oif = ifp; - ipfw = 0; ipfw = ip_fw_chk_ptr(&args); m = args.m; @@ -567,7 +567,7 @@ passin: goto drop; } tag->m_flags = PACKET_TAG_DIVERT; - tag->m_data = (caddr_t)(u_int32_t)args.divert_rule; + tag->m_data = (caddr_t)(u_long)args.divert_rule; tag->m_next = m; /* XXX: really bloody hack, see ip_input */ tag->m_nextpkt = (struct mbuf *)1; |