Changeset View
Changeset View
Standalone View
Standalone View
sys/netpfil/ipfw/ip_fw_pfil.c
| Show First 20 Lines • Show All 123 Lines • ▼ Show 20 Lines | ipfw_check_packet(struct mbuf **m0, struct ifnet *ifp, int flags, | ||||
| void *ruleset __unused, struct inpcb *inp) | void *ruleset __unused, struct inpcb *inp) | ||||
| { | { | ||||
| struct ip_fw_args args; | struct ip_fw_args args; | ||||
| struct m_tag *tag; | struct m_tag *tag; | ||||
| pfil_return_t ret; | pfil_return_t ret; | ||||
| int ipfw; | int ipfw; | ||||
| args.flags = (flags & PFIL_IN) ? IPFW_ARGS_IN : IPFW_ARGS_OUT; | args.flags = (flags & PFIL_IN) ? IPFW_ARGS_IN : IPFW_ARGS_OUT; | ||||
| if (flags & PFIL_FWD) | |||||
| args.flags |= IPFW_ARGS_FWD; | |||||
| again: | again: | ||||
| /* | /* | ||||
| * extract and remove the tag if present. If we are left | * extract and remove the tag if present. If we are left | ||||
| * with onepass, optimize the outgoing path. | * with onepass, optimize the outgoing path. | ||||
| */ | */ | ||||
| tag = m_tag_locate(*m0, MTAG_IPFW_RULE, 0, NULL); | tag = m_tag_locate(*m0, MTAG_IPFW_RULE, 0, NULL); | ||||
| if (tag != NULL) { | if (tag != NULL) { | ||||
| args.rule = *((struct ipfw_rule_ref *)(tag+1)); | args.rule = *((struct ipfw_rule_ref *)(tag+1)); | ||||
| m_tag_delete(*m0, tag); | m_tag_delete(*m0, tag); | ||||
| if (args.rule.info & IPFW_ONEPASS) | if (args.rule.info & IPFW_ONEPASS) | ||||
| return (0); | return (PFIL_PASS); | ||||
| args.flags |= IPFW_ARGS_REF; | args.flags |= IPFW_ARGS_REF; | ||||
| } | } | ||||
| args.m = *m0; | args.m = *m0; | ||||
| args.ifp = ifp; | args.ifp = ifp; | ||||
| args.inp = inp; | args.inp = inp; | ||||
| ipfw = ipfw_chk(&args); | ipfw = ipfw_chk(&args); | ||||
| ▲ Show 20 Lines • Show All 552 Lines • Show Last 20 Lines | |||||