Date: Tue, 27 Jul 2010 14:26:34 +0000 (UTC) From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r210537 - in head/sys: netgraph netinet/ipfw Message-ID: <201007271426.o6REQYZ9018985@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: glebius Date: Tue Jul 27 14:26:34 2010 New Revision: 210537 URL: http://svn.freebsd.org/changeset/base/210537 Log: Fix operation of "netgraph" action in conjunction with the net.inet.ip.fw.one_pass sysctl. The "ngtee" action is still broken. PR: kern/148885 Submitted by: Nickolay Dudorov <nnd mail.nsk.ru> Modified: head/sys/netgraph/ng_ipfw.c head/sys/netinet/ipfw/ip_fw2.c Modified: head/sys/netgraph/ng_ipfw.c ============================================================================== --- head/sys/netgraph/ng_ipfw.c Tue Jul 27 13:06:18 2010 (r210536) +++ head/sys/netgraph/ng_ipfw.c Tue Jul 27 14:26:34 2010 (r210537) @@ -287,7 +287,8 @@ ng_ipfw_input(struct mbuf **m0, int dir, } r = (struct ipfw_rule_ref *)(tag + 1); *r = fwa->rule; - r->info = dir ? IPFW_INFO_IN : IPFW_INFO_OUT; + r->info &= IPFW_ONEPASS; /* keep this info */ + r->info |= dir ? IPFW_INFO_IN : IPFW_INFO_OUT; m_tag_prepend(m, tag); } else Modified: head/sys/netinet/ipfw/ip_fw2.c ============================================================================== --- head/sys/netinet/ipfw/ip_fw2.c Tue Jul 27 13:06:18 2010 (r210536) +++ head/sys/netinet/ipfw/ip_fw2.c Tue Jul 27 14:26:34 2010 (r210537) @@ -2084,6 +2084,8 @@ do { \ set_match(args, f_pos, chain); args->rule.info = (cmd->arg1 == IP_FW_TABLEARG) ? tablearg : cmd->arg1; + if (V_fw_one_pass) + args->rule.info |= IPFW_ONEPASS; retval = (cmd->opcode == O_NETGRAPH) ? IP_FW_NETGRAPH : IP_FW_NGTEE; l = 0; /* exit inner loop */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201007271426.o6REQYZ9018985>