From owner-svn-soc-all@FreeBSD.ORG Tue Jun 10 15:21:34 2014 Return-Path: Delivered-To: svn-soc-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E27C9477 for ; Tue, 10 Jun 2014 15:21:34 +0000 (UTC) Received: from socsvn.freebsd.org (socsvn.freebsd.org [IPv6:2001:1900:2254:206a::50:2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CF20A219D for ; Tue, 10 Jun 2014 15:21:34 +0000 (UTC) Received: from socsvn.freebsd.org ([127.0.1.124]) by socsvn.freebsd.org (8.14.8/8.14.8) with ESMTP id s5AFLYJY093662 for ; Tue, 10 Jun 2014 15:21:34 GMT (envelope-from dpl@FreeBSD.org) Received: (from www@localhost) by socsvn.freebsd.org (8.14.8/8.14.8/Submit) id s5AFLYCG093311 for svn-soc-all@FreeBSD.org; Tue, 10 Jun 2014 15:21:34 GMT (envelope-from dpl@FreeBSD.org) Date: Tue, 10 Jun 2014 15:21:34 GMT Message-Id: <201406101521.s5AFLYCG093311@socsvn.freebsd.org> X-Authentication-Warning: socsvn.freebsd.org: www set sender to dpl@FreeBSD.org using -f From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r269360 - soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-soc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for the entire Summer of Code repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jun 2014 15:21:35 -0000 Author: dpl Date: Tue Jun 10 15:21:33 2014 New Revision: 269360 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=269360 Log: Added code for: O_VERSRCREACH Modified: soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_fw2.c soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_rules.h Modified: soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_fw2.c ============================================================================== --- soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_fw2.c Tue Jun 10 15:12:30 2014 (r269359) +++ soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_fw2.c Tue Jun 10 15:21:33 2014 (r269360) @@ -1587,14 +1587,7 @@ break; case O_VERSRCREACH: - /* Outgoing packets automatically pass/match */ - match = (hlen > 0 && ((oif != NULL) || -#ifdef INET6 - is_ipv6 ? - verify_path6(&(args->f_id.src_ip6), - NULL, args->f_id.fib) : -#endif - verify_path(src_ip, NULL, args->f_id.fib))); + rule_versrcreach(&match, oif, m, is_ipv6, args, scr_ip); break; case O_ANTISPOOF: Modified: soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_rules.h ============================================================================== --- soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_rules.h Tue Jun 10 15:12:30 2014 (r269359) +++ soc2014/dpl/netmap-ipfw/sys/netpfil/ipfw/ip_rules.h Tue Jun 10 15:21:33 2014 (r269360) @@ -564,6 +564,14 @@ inline void rule_versrcreach(int *match, int is_ipv6 struct ip_fw_args *args, struct in_addr *src_ip) { + /* Outgoing packets automatically pass/match */ + match = (hlen > 0 && ((oif != NULL) || +#ifdef INET6 + is_ipv6 ? + verify_path6(&(args->f_id.src_ip6), + NULL, args->f_id.fib) : +#endif + verify_path(src_ip, NULL, args->f_id.fib))); } inline void