diff options
| author |   bluhm <bluhm@openbsd.org> | 2017-11-28 16:05:46 +0000 |
|---|---|---|
| committer | bluhm <bluhm@openbsd.org> | 2017-11-28 16:05:46 +0000 |
| commit | 37fced87094c38578ebbe36dae5441179ff5d22c (patch) | |
| tree | 13e7719674d1c3de2b6160d118eb7da35254caaf /sys/netinet/raw_ip.c | |
| parent | fktrace(2) has been removed (diff) | |
| download | wireguard-openbsd-37fced87094c38578ebbe36dae5441179ff5d22c.tar.xz wireguard-openbsd-37fced87094c38578ebbe36dae5441179ff5d22c.zip | |
The divert structure was using the port number to indicate that
divert-to or divert-reply was active. If the address was also set,
it meant divert-to. Divert packet used a separate structure. This
is confusing and makes it hard to add new features. It is better
to have a divert type that explicitly says what is configured.
Adapt the pf rule struct in kernel and pfctl, no functional change.
Note that kernel and pfctl have to be updated together.
OK sashan@
Diffstat (limited to 'sys/netinet/raw_ip.c')
| -rw-r--r-- | sys/netinet/raw_ip.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/netinet/raw_ip.c b/sys/netinet/raw_ip.c index d969c5ee66c..85986a64900 100644 --- a/sys/netinet/raw_ip.c +++ b/sys/netinet/raw_ip.c @@ -1,4 +1,4 @@ -/* $OpenBSD: raw_ip.c,v 1.106 2017/11/20 10:35:24 mpi Exp $ */ +/* $OpenBSD: raw_ip.c,v 1.107 2017/11/28 16:05:46 bluhm Exp $ */ /* $NetBSD: raw_ip.c,v 1.25 1996/02/18 18:58:33 christos Exp $ */ /* @@ -149,7 +149,7 @@ rip_input(struct mbuf **mp, int *offp, int proto, int af) /* XXX rdomain support */ if ((divert = pf_find_divert(m)) == NULL) continue; - if (!divert->addr.v4.s_addr) + if (divert->type == PF_DIVERT_REPLY) goto divert_reply; if (inp->inp_laddr.s_addr != divert->addr.v4.s_addr) continue; |