From abff9893204d3d9f02c33c231a25645dca0d6181 Mon Sep 17 00:00:00 2001
From: glebius <glebius@FreeBSD.org>
Date: Sun, 6 Feb 2005 11:13:59 +0000
Subject: Jump to common action checks after doing specific once. This fixes
 adding of divert rules, which I break in previous commit.

Pointy hat to:	glebius
---
 sys/netinet/ip_fw2.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'sys/netinet')

diff --git a/sys/netinet/ip_fw2.c b/sys/netinet/ip_fw2.c
index 57aa13c..9752fa6 100644
--- a/sys/netinet/ip_fw2.c
+++ b/sys/netinet/ip_fw2.c
@@ -3127,10 +3127,14 @@ check_ipfw_struct(struct ip_fw *rule, int size)
 		case O_TEE:
 			if (ip_divert_ptr == NULL)
 				return EINVAL;
+			else
+				goto check_size;
 		case O_NETGRAPH:
 		case O_NGTEE:
 			if (!NG_IPFW_LOADED)
 				return EINVAL;
+			else
+				goto check_size;
 		case O_FORWARD_MAC: /* XXX not implemented yet */
 		case O_CHECK_STATE:
 		case O_COUNT:
@@ -3138,6 +3142,7 @@ check_ipfw_struct(struct ip_fw *rule, int size)
 		case O_DENY:
 		case O_REJECT:
 		case O_SKIPTO:
+check_size:
 			if (cmdlen != F_INSN_SIZE(ipfw_insn))
 				goto bad_size;
 check_action:
-- 
cgit v1.1