Page MenuHomeFreeBSD

D36454.id110360.diff
No OneTemporary

D36454.id110360.diff

diff --git a/sys/net/pfil.h b/sys/net/pfil.h
--- a/sys/net/pfil.h
+++ b/sys/net/pfil.h
@@ -194,6 +194,10 @@
/* Public functions to run the packet inspection by inspection points. */
int pfil_run_hooks(struct pfil_head *, pfil_packet_t, struct ifnet *, int,
struct inpcb *inp);
+int pfil_mbuf_in(struct pfil_head *, pfil_packet_t, struct ifnet *,
+ struct inpcb *inp);
+int pfil_mbuf_out(struct pfil_head *, pfil_packet_t, struct ifnet *,
+ struct inpcb *inp);
/*
* Minimally exposed structure to avoid function call in case of absence
* of any filters by protocols and macros to do the check.
diff --git a/sys/net/pfil.c b/sys/net/pfil.c
--- a/sys/net/pfil.c
+++ b/sys/net/pfil.c
@@ -198,6 +198,42 @@
return (rv);
}
+static __always_inline int
+pfil_mbuf_common(pfil_chain_t *pch, pfil_packet_t p, struct ifnet *ifp,
+ int flags, struct inpcb *inp)
+{
+ struct pfil_link *link;
+ pfil_return_t rv;
+
+ NET_EPOCH_ASSERT();
+ KASSERT(flags == PFIL_IN || flags == PFIL_OUT,
+ ("%s: unsupported flags %d", __func__, flags));
+
+ rv = PFIL_PASS;
+ CK_STAILQ_FOREACH(link, pch, link_chain) {
+ rv = (*link->link_func)(p, ifp, flags, link->link_ruleset, inp);
+ if (rv == PFIL_DROPPED || rv == PFIL_CONSUMED)
+ break;
+ }
+ return (rv);
+}
+
+int
+pfil_mbuf_in(struct pfil_head *head, pfil_packet_t p, struct ifnet *ifp,
+ struct inpcb *inp)
+{
+
+ return (pfil_mbuf_common(&head->head_in, p, ifp, PFIL_IN, inp));
+}
+
+int
+pfil_mbuf_out(struct pfil_head *head, pfil_packet_t p, struct ifnet *ifp,
+ struct inpcb *inp)
+{
+
+ return (pfil_mbuf_common(&head->head_out, p, ifp, PFIL_OUT, inp));
+}
+
/*
* pfil_head_register() registers a pfil_head with the packet filter hook
* mechanism.

File Metadata

Mime Type
text/plain
Expires
Sun, Dec 15, 11:08 AM (13 h, 10 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
15405832
Default Alt Text
D36454.id110360.diff (1 KB)

Event Timeline