1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
*** /sys/netinet/ip_output.c.orig Thu Oct 24 22:27:28 1996
--- /sys/netinet/ip_output.c Tue Feb 18 21:38:23 1997
***************
*** 65,70 ****
--- 65,74 ----
static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *));
static void ip_mloopback
__P((struct ifnet *, struct mbuf *, struct sockaddr_in *));
+ #if defined(IPFILTER_LKM) || defined(IPFILTER)
+ extern int fr_check __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ #endif
/*
* IP output. The packet in mbuf chain m contains a skeletal IP
***************
*** 330,335 ****
--- 334,351 ----
m->m_flags &= ~M_BCAST;
sendit:
+ #if defined(IPFILTER) || defined(IPFILTER_LKM)
+ /*
+ * looks like most checking has been done now...do a filter check
+ */
+ if (fr_checkp) {
+ struct mbuf *m1 = m;
+
+ if ((error = (*fr_checkp)(ip, hlen, ifp, 1, &m1)) || !m1)
+ goto done;
+ ip = mtod(m = m1, struct ip *);
+ }
+ #endif
/*
* Check with the firewall...
*/
|
