From owner-svn-src-head@FreeBSD.ORG Tue Oct 7 13:31:05 2014 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 38C07B9B; Tue, 7 Oct 2014 13:31:05 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 255E6EE7; Tue, 7 Oct 2014 13:31:05 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s97DV57Z088378; Tue, 7 Oct 2014 13:31:05 GMT (envelope-from ae@FreeBSD.org) Received: (from ae@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id s97DV5hB088377; Tue, 7 Oct 2014 13:31:05 GMT (envelope-from ae@FreeBSD.org) Message-Id: <201410071331.s97DV5hB088377@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: ae set sender to ae@FreeBSD.org using -f From: "Andrey V. Elsukov" Date: Tue, 7 Oct 2014 13:31:05 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r272695 - head/sys/net X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Oct 2014 13:31:05 -0000 Author: ae Date: Tue Oct 7 13:31:04 2014 New Revision: 272695 URL: https://svnweb.freebsd.org/changeset/base/272695 Log: Our packet filters use mbuf's rcvif pointer to determine incoming interface. Change mbuf's rcvif to enc0 and restore it after pfil processing. PR: 110959 Sponsored by: Yandex LLC Modified: head/sys/net/if_enc.c Modified: head/sys/net/if_enc.c ============================================================================== --- head/sys/net/if_enc.c Tue Oct 7 13:30:42 2014 (r272694) +++ head/sys/net/if_enc.c Tue Oct 7 13:31:04 2014 (r272695) @@ -230,6 +230,7 @@ ipsec_filter(struct mbuf **mp, int dir, { int error, i; struct ip *ip; + struct ifnet *rcvif; KASSERT(encif != NULL, ("%s: encif is null", __func__)); KASSERT(flags & (ENC_IN|ENC_OUT), @@ -268,6 +269,8 @@ ipsec_filter(struct mbuf **mp, int dir, } error = 0; + rcvif = (*mp)->m_pkthdr.rcvif; + (*mp)->m_pkthdr.rcvif = encif; ip = mtod(*mp, struct ip *); switch (ip->ip_v) { #ifdef INET @@ -298,6 +301,7 @@ ipsec_filter(struct mbuf **mp, int dir, if (error != 0) goto bad; + (*mp)->m_pkthdr.rcvif = rcvif; return (error); bad: