From owner-freebsd-ipfw Mon Mar 6 9:15:51 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from lk.tempest.sk (lk.tempest.sk [195.28.100.47]) by hub.freebsd.org (Postfix) with ESMTP id 78E2237BE4F for ; Mon, 6 Mar 2000 09:15:46 -0800 (PST) (envelope-from lk@tempest.sk) Received: (from koren@localhost) by lk.tempest.sk (8.9.3/8.9.3) id SAA35436; Mon, 6 Mar 2000 18:15:06 +0100 (CET) (envelope-from koren) Date: Mon, 6 Mar 2000 18:15:06 +0100 (CET) Message-Id: <200003061715.SAA35436@lk.tempest.sk> From: Ludo Koren To: robert+freebsd@cyrus.watson.org Cc: luigi@info.iet.unipi.it, ipfw@FreeBSD.ORG In-reply-to: (message from Robert Watson on Mon, 6 Mar 2000 10:53:28 -0500 (EST)) Subject: Re: ipdivert and ethernet bridging Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Ludo, > I would be very interested in this code. While I probably > could develop it myself, I'd really rather not :-). > Presumably you pull the same tricks that the normal ip_input > code does for reassembly appropriate-looking packets, etc, etc. The patch follows. Comments are welcomed. ludo Index: src/sys/net/bridge.c =================================================================== RCS file: /home/ncvs/src/sys/net/bridge.c,v retrieving revision 1.4.2.6 diff -c -r1.4.2.6 bridge.c *** bridge.c 2000/01/18 14:07:13 1.4.2.6 --- bridge.c 2000/03/06 17:04:54 *************** *** 645,650 **** --- 645,651 ---- struct ip_fw_chain *rule = NULL ; int off; struct ip *ip ; + extern struct sockaddr_in *ip_fw_fwd_addr; m = *m0 ; #ifdef DUMMYNET *************** *** 708,714 **** * The third parameter to the firewall code is the dst. interface. * Since we apply checks only on input pkts we use NULL. */ ! off = (*ip_fw_chk_ptr)(NULL, 0, NULL, &dummy, &m, &rule, NULL) ; if (m == NULL) { /* pkt discarded by firewall */ /* --- 709,715 ---- * The third parameter to the firewall code is the dst. interface. * Since we apply checks only on input pkts we use NULL. */ ! off = (*ip_fw_chk_ptr)(NULL, 0, NULL, &dummy, &m, &rule, &ip_fw_fwd_addr) ; if (m == NULL) { /* pkt discarded by firewall */ /* *************** *** 719,724 **** --- 720,747 ---- if (canfree) *m0 = NULL ; return 0 ; + } + + if (ip_fw_fwd_addr != NULL) { + eh = mtod(m, struct ether_header *); + ip = (struct ip *)(eh + 1); + + HTONS(ip->ip_len); + HTONS(ip->ip_id); + HTONS(ip->ip_off); + + m_adj(m, sizeof(struct ether_header)); + ip_input(m); + ip_fw_fwd_addr = NULL; + + /* cleanup any mbuf leftover. */ + if (m == *m0) + *m0 = NULL ; + if (canfree && *m0) { + m_freem(*m0); + *m0 = NULL ; + } + return 0; } /* To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message