From owner-svn-src-stable-9@FreeBSD.ORG  Sat Dec 13 04:50:15 2014
Return-Path: <owner-svn-src-stable-9@FreeBSD.ORG>
Delivered-To: svn-src-stable-9@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 63B84817;
 Sat, 13 Dec 2014 04:50:15 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 3504A3E3;
 Sat, 13 Dec 2014 04:50:15 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id sBD4oFZI017597;
 Sat, 13 Dec 2014 04:50:15 GMT (envelope-from rodrigc@FreeBSD.org)
Received: (from rodrigc@localhost)
 by svn.freebsd.org (8.14.9/8.14.9/Submit) id sBD4oFF5017596;
 Sat, 13 Dec 2014 04:50:15 GMT (envelope-from rodrigc@FreeBSD.org)
Message-Id: <201412130450.sBD4oFF5017596@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: rodrigc set sender to
 rodrigc@FreeBSD.org using -f
From: Craig Rodrigues <rodrigc@FreeBSD.org>
Date: Sat, 13 Dec 2014 04:50:15 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org
Subject: svn commit: r275741 - stable/9/sys/contrib/ipfilter/netinet
X-SVN-Group: stable-9
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-stable-9@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for only the 9-stable src tree
 <svn-src-stable-9.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-stable-9>, 
 <mailto:svn-src-stable-9-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-stable-9/>
List-Post: <mailto:svn-src-stable-9@freebsd.org>
List-Help: <mailto:svn-src-stable-9-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-stable-9>, 
 <mailto:svn-src-stable-9-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Dec 2014 04:50:15 -0000

Author: rodrigc
Date: Sat Dec 13 04:50:14 2014
New Revision: 275741
URL: https://svnweb.freebsd.org/changeset/base/275741

Log:
  Merge r275213.
  
  Set the current vnet inside the ioctl handler for ipfilter.
  
  Without this fix, the vnet was NULL and would crash.
  This fix is similar to what was done inside the ioctl handler for PF.
  
  Tested by:
     (1) Boot a kernel with "options VIMAGE" enabled
     (2) Type:
  
     echo "map lo0 from 10.0.0.0/24 to ! 10.0.0.0/24 -> 127.0.0.1/32" > /etc/ipnat.rules ; service ipnat onerestart
  
  PR: 176992
  Differential Revision: https://reviews.freebsd.org/D1191

Modified:
  stable/9/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
Directory Properties:
  stable/9/   (props changed)
  stable/9/sys/   (props changed)

Modified: stable/9/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
==============================================================================
--- stable/9/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c	Sat Dec 13 02:08:18 2014	(r275740)
+++ stable/9/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c	Sat Dec 13 04:50:14 2014	(r275741)
@@ -47,11 +47,12 @@ static const char rcsid[] = "@(#)$Id: ip
 #endif
 #include <sys/time.h>
 #include <sys/systm.h>
-#if (__FreeBSD_version >= 300000)
 # include <sys/dirent.h>
-#else
-# include <sys/dir.h>
+#if defined(__FreeBSD_version) && (__FreeBSD_version >= 800000)
+#include <sys/jail.h>
 #endif
+# include <sys/mbuf.h>
+# include <sys/sockopt.h>
 #if !defined(__hpux)
 # include <sys/mbuf.h>
 #endif
@@ -86,6 +87,12 @@ static const char rcsid[] = "@(#)$Id: ip
 #include <netinet/ip.h>
 #include <netinet/ip_var.h>
 #include <netinet/tcp.h>
+#if defined(__FreeBSD_version) && (__FreeBSD_version >= 800000)
+#include <net/vnet.h>
+#else
+#define CURVNET_SET(arg)
+#define CURVNET_RESTORE()
+#endif
 #if defined(__osf__)
 # include <netinet/tcp_timer.h>
 #endif
@@ -362,7 +369,9 @@ int mode;
 
 	SPL_NET(s);
 
+	CURVNET_SET(TD_TO_VNET(p));
 	error = fr_ioctlswitch(unit, data, cmd, mode, p->p_uid, p);
+	CURVNET_RESTORE();
 	if (error != -1) {
 		SPL_X(s);
 		return error;