Changeset View
Changeset View
Standalone View
Standalone View
sys/netpfil/pf/pf.c
| Show First 20 Lines • Show All 5,450 Lines • ▼ Show 20 Lines | if (nsn != NULL) { | ||||
| /* XXX We only modify one side for now. */ | /* XXX We only modify one side for now. */ | ||||
| PF_ACPY(&nsn->raddr, &nk->addr[1], pd->af); | PF_ACPY(&nsn->raddr, &nk->addr[1], pd->af); | ||||
| s->nat_src_node = nsn; | s->nat_src_node = nsn; | ||||
| } | } | ||||
| if (pd->proto == IPPROTO_TCP) { | if (pd->proto == IPPROTO_TCP) { | ||||
| if (s->state_flags & PFSTATE_SCRUB_TCP && | if (s->state_flags & PFSTATE_SCRUB_TCP && | ||||
| pf_normalize_tcp_init(m, off, pd, th, &s->src, &s->dst)) { | pf_normalize_tcp_init(m, off, pd, th, &s->src, &s->dst)) { | ||||
| REASON_SET(&reason, PFRES_MEMORY); | REASON_SET(&reason, PFRES_MEMORY); | ||||
| goto drop; | goto csfailed; | ||||
| } | } | ||||
| if (s->state_flags & PFSTATE_SCRUB_TCP && s->src.scrub && | if (s->state_flags & PFSTATE_SCRUB_TCP && s->src.scrub && | ||||
| pf_normalize_tcp_stateful(m, off, pd, &reason, th, s, | pf_normalize_tcp_stateful(m, off, pd, &reason, th, s, | ||||
| &s->src, &s->dst, rewrite)) { | &s->src, &s->dst, rewrite)) { | ||||
| /* This really shouldn't happen!!! */ | /* This really shouldn't happen!!! */ | ||||
| DPFPRINTF(PF_DEBUG_URGENT, | DPFPRINTF(PF_DEBUG_URGENT, | ||||
| ("pf_normalize_tcp_stateful failed on first " | ("pf_normalize_tcp_stateful failed on first " | ||||
| "pkt\n")); | "pkt\n")); | ||||
| goto drop; | goto csfailed; | ||||
| } | } | ||||
| } else if (pd->proto == IPPROTO_SCTP) { | } else if (pd->proto == IPPROTO_SCTP) { | ||||
| if (pf_normalize_sctp_init(m, off, pd, &s->src, &s->dst)) | if (pf_normalize_sctp_init(m, off, pd, &s->src, &s->dst)) | ||||
| goto drop; | goto csfailed; | ||||
| if (! (pd->sctp_flags & (PFDESC_SCTP_INIT | PFDESC_SCTP_ADD_IP))) | if (! (pd->sctp_flags & (PFDESC_SCTP_INIT | PFDESC_SCTP_ADD_IP))) | ||||
| goto drop; | goto csfailed; | ||||
| } | } | ||||
| s->direction = pd->dir; | s->direction = pd->dir; | ||||
| /* | /* | ||||
| * sk/nk could already been setup by pf_get_translation(). | * sk/nk could already been setup by pf_get_translation(). | ||||
| */ | */ | ||||
| if (nr == NULL) { | if (nr == NULL) { | ||||
| KASSERT((sk == NULL && nk == NULL), ("%s: nr %p sk %p, nk %p", | KASSERT((sk == NULL && nk == NULL), ("%s: nr %p sk %p, nk %p", | ||||
| ▲ Show 20 Lines • Show All 4,236 Lines • Show Last 20 Lines | |||||