Page MenuHomeFreeBSD
Files F153370639

D40340.id122757.diff
No OneTemporary
Actions

D40340.id122757.diff
View Options

diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
--- a/sys/net/pfvar.h
+++ b/sys/net/pfvar.h
@@ -2230,13 +2230,15 @@
int pf_test_eth(int, int, struct ifnet *, struct mbuf **, struct inpcb *);
#ifdef INET
-int pf_test(int, int, struct ifnet *, struct mbuf **, struct inpcb *);
+int pf_test(int, int, struct ifnet *, struct mbuf **, struct inpcb *,
+ struct pf_rule_actions *);
int pf_normalize_ip(struct mbuf **, int, struct pfi_kkif *, u_short *,
struct pf_pdesc *);
#endif /* INET */
#ifdef INET6
-int pf_test6(int, int, struct ifnet *, struct mbuf **, struct inpcb *);
+int pf_test6(int, int, struct ifnet *, struct mbuf **, struct inpcb *,
+ struct pf_rule_actions *);
int pf_normalize_ip6(struct mbuf **, int, struct pfi_kkif *, u_short *,
struct pf_pdesc *);
void pf_poolmask(struct pf_addr *, struct pf_addr*,
diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -6546,7 +6546,7 @@
goto bad;
if (dir == PF_IN) {
- if (pf_test(PF_OUT, 0, ifp, &m0, inp) != PF_PASS)
+ if (pf_test(PF_OUT, 0, ifp, &m0, inp, &pd->act) != PF_PASS)
goto bad;
else if (m0 == NULL)
goto done;
@@ -6762,7 +6762,7 @@
goto bad;
if (dir == PF_IN) {
- if (pf_test6(PF_OUT, 0, ifp, &m0, inp) != PF_PASS)
+ if (pf_test6(PF_OUT, 0, ifp, &m0, inp, &pd->act) != PF_PASS)
goto bad;
else if (m0 == NULL)
goto done;
@@ -7120,7 +7120,8 @@
#ifdef INET
int
-pf_test(int dir, int pflags, struct ifnet *ifp, struct mbuf **m0, struct inpcb *inp)
+pf_test(int dir, int pflags, struct ifnet *ifp, struct mbuf **m0,
+ struct inpcb *inp, struct pf_rule_actions *default_actions)
{
struct pfi_kkif *kif;
u_short action, reason = 0, log = 0;
@@ -7172,6 +7173,8 @@
}
memset(&pd, 0, sizeof(pd));
+ if (default_actions != NULL)
+ memcpy(&pd.act, default_actions, sizeof(pd.act));
pd.pf_mtag = pf_find_mtag(m);
if (pd.pf_mtag != NULL && (pd.pf_mtag->flags & PF_TAG_ROUTE_TO)) {
@@ -7312,7 +7315,7 @@
break;
}
- action = pf_test(dir, pflags, ifp, &msyn, inp);
+ action = pf_test(dir, pflags, ifp, &msyn, inp, &pd.act);
m_freem(msyn);
if (action == PF_PASS) {
@@ -7682,7 +7685,8 @@
#ifdef INET6
int
-pf_test6(int dir, int pflags, struct ifnet *ifp, struct mbuf **m0, struct inpcb *inp)
+pf_test6(int dir, int pflags, struct ifnet *ifp, struct mbuf **m0, struct inpcb *inp,
+ struct pf_rule_actions *default_actions)
{
struct pfi_kkif *kif;
u_short action, reason = 0, log = 0;
@@ -7733,6 +7737,8 @@
}
memset(&pd, 0, sizeof(pd));
+ if (default_actions != NULL)
+ memcpy(&pd.act, default_actions, sizeof(pd.act));
pd.pf_mtag = pf_find_mtag(m);
if (pd.pf_mtag != NULL && (pd.pf_mtag->flags & PF_TAG_ROUTE_TO)) {
diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -6534,7 +6534,7 @@
{
int chk;
- chk = pf_test(PF_IN, flags, ifp, m, inp);
+ chk = pf_test(PF_IN, flags, ifp, m, inp, NULL);
return (pf_check_return(chk, m));
}
@@ -6545,7 +6545,7 @@
{
int chk;
- chk = pf_test(PF_OUT, flags, ifp, m, inp);
+ chk = pf_test(PF_OUT, flags, ifp, m, inp, NULL);
return (pf_check_return(chk, m));
}
@@ -6564,7 +6564,8 @@
* filtering we have change this to lo0 as it is the case in IPv4.
*/
CURVNET_SET(ifp->if_vnet);
- chk = pf_test6(PF_IN, flags, (*m)->m_flags & M_LOOP ? V_loif : ifp, m, inp);
+ chk = pf_test6(PF_IN, flags, (*m)->m_flags & M_LOOP ? V_loif : ifp,
+ m, inp, NULL);
CURVNET_RESTORE();
return (pf_check_return(chk, m));
@@ -6577,7 +6578,7 @@
int chk;
CURVNET_SET(ifp->if_vnet);
- chk = pf_test6(PF_OUT, flags, ifp, m, inp);
+ chk = pf_test6(PF_OUT, flags, ifp, m, inp, NULL);
CURVNET_RESTORE();
return (pf_check_return(chk, m));

File Metadata

Mime Type
text/plain
Expires
Tue, Apr 21, 6:40 PM (9 h, 54 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
31902087
Default Alt Text
D40340.id122757.diff (3 KB)

Event Timeline