Date: Fri, 3 Nov 2006 13:00:20 -0800 From: "Kevin Sanders" <newroswell@gmail.com> To: "Andrew Thompson" <thompsa@freebsd.org> Cc: net@freebsd.org Subject: Re: pfil on bridge interface, looking for ether_header Message-ID: <375baf50611031300n6a8088cbx49f121dfe1e6a644@mail.gmail.com> In-Reply-To: <20061103015215.GA31234@heff.fud.org.nz> References: <375baf50611021745m6d097245y4670d5741ffbd64a@mail.gmail.com> <20061103015215.GA31234@heff.fud.org.nz>
next in thread | previous in thread | raw e-mail | index | archive | help
On 11/2/06, Andrew Thompson <thompsa@freebsd.org> wrote: > On Thu, Nov 02, 2006 at 05:45:50PM -0800, Kevin Sanders wrote: > > I've written a kernel module that has pfil_add_hook'ed into the pfil > > framework. When my input packet filter function is called, I can > > mtod(*m, struct IP *) to the IP header, but haven't found a way to > > find the original ethernet header. > > If you look in if_bridge.c:bridge_pfil you will see that the ethernet > header is stripped from the mbuf before passing to pfil. You may want to > create another hook such as ether_pfil_hook and modify the bridge to use > it. Alternatively see the recent discussion between Julian and Andre on > the matter. I've got a simple fix for this that solves my immediate need (to be able to reach the ethernet header). I grepped around, and don't see much use of the m_pkthdr.header value anymore, and this doesn't appear to break anything yet. *** if_bridge.c 21 Oct 2006 12:10:39 -0700 1.11.2.40 --- if_bridge.c 03 Nov 2006 11:46:15 -0800 *************** *** 2781,2786 **** --- 2781,2787 ---- ipfwpass: error = 0; + (*mp)->m_pkthdr.header = &eh2; /* * Run the packet through pfil *************** *** 2902,2907 **** --- 2903,2909 ---- if (*mp == NULL) return (error); bcopy(&eh2, mtod(*mp, caddr_t), ETHER_HDR_LEN); + (*mp)->m_pkthdr.header = NULL; return (0);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?375baf50611031300n6a8088cbx49f121dfe1e6a644>