From owner-cvs-all Mon May 25 03:43:15 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA21049 for cvs-all-outgoing; Mon, 25 May 1998 03:43:15 -0700 (PDT) (envelope-from owner-cvs-all@FreeBSD.ORG) Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id DAA21013; Mon, 25 May 1998 03:43:03 -0700 (PDT) (envelope-from julian@FreeBSD.org) From: Julian Elischer Received: (from julian@localhost) by freefall.freebsd.org (8.8.8/8.8.5) id DAA04693; Mon, 25 May 1998 03:37:49 -0700 (PDT) Date: Mon, 25 May 1998 03:37:49 -0700 (PDT) Message-Id: <199805251037.DAA04693@freefall.freebsd.org> To: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-sys@FreeBSD.ORG Subject: cvs commit: src/sys/conf options src/sys/netinet ip_divert.c ip_fw.c ip_input.c ip_output.c ip_var.h Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk julian 1998/05/25 03:37:49 PDT Modified files: sys/conf options sys/netinet ip_divert.c ip_fw.c ip_input.c ip_output.c ip_var.h Log: Add optional code to change the way that divert and ipfw work together. Prior to this change, Accidental recursion protection was done by the diverted daemon feeding back the divert port number it got the packet on, as the port number on a sendto(). IPFW knew not to redivert a packet to this port (again). Processing of the ruleset started at the beginning again, skipping that divert port. The new semantic (which is how we should have done it the first time) is that the port number in the sendto() is the rule number AFTER which processing should restart, and on a recvfrom(), the port number is the rule number which caused the diversion. This is much more flexible, and also more intuitive. If the user uses the same sockaddr received when resending, processing resumes at the rule number following that that caused the diversion. The user can however select to resume rule processing at any rule. (0 is restart at the beginning) To enable the new code use option IPFW_DIVERT_RESTART This should become the default as soon as people have looked at it a bit Revision Changes Path 1.75 +3 -1 src/sys/conf/options 1.26 +43 -2 src/sys/netinet/ip_divert.c 1.84 +36 -1 src/sys/netinet/ip_fw.c 1.85 +25 -2 src/sys/netinet/ip_input.c 1.67 +9 -1 src/sys/netinet/ip_output.c 1.38 +10 -1 src/sys/netinet/ip_var.h To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message