diff options
| author | Kenneth R Westerback <krw@cvs.openbsd.org> | 2016-04-29 08:55:04 +0000 |
|---|---|---|
| committer | Kenneth R Westerback <krw@cvs.openbsd.org> | 2016-04-29 08:55:04 +0000 |
| commit | c60adf118803560726db46d82bab209476c77647 (patch) | |
| tree | a2f34225a6b58ab97a5f4b3eca9352ddb43b8572 | |
| parent | 550a3adb72fa22f702f87ed04863d40b16e33edd (diff) | |
Make if_output() return EAFNOSUPPORT instead of just dropping packets
and pretending the output succeeded. Packets are still dropped!
Idea from jsg@ following same change to bridge(4). ok mpi@
| -rw-r--r-- | sys/net/if_pflog.c | 6 | ||||
| -rw-r--r-- | sys/net/if_pflow.c | 14 | ||||
| -rw-r--r-- | sys/net/if_pfsync.c | 6 |
3 files changed, 18 insertions, 8 deletions
diff --git a/sys/net/if_pflog.c b/sys/net/if_pflog.c index 8e765734675..fc3aa9ed802 100644 --- a/sys/net/if_pflog.c +++ b/sys/net/if_pflog.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pflog.c,v 1.73 2015/12/05 10:07:55 tedu Exp $ */ +/* $OpenBSD: if_pflog.c,v 1.74 2016/04/29 08:55:03 krw Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -205,8 +205,8 @@ int pflogoutput(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, struct rtentry *rt) { - m_freem(m); - return (0); + m_freem(m); /* drop packet */ + return (EAFNOSUPPORT); } int diff --git a/sys/net/if_pflow.c b/sys/net/if_pflow.c index e605d48b79a..93c5d94218a 100644 --- a/sys/net/if_pflow.c +++ b/sys/net/if_pflow.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pflow.c,v 1.60 2015/10/03 10:44:23 florian Exp $ */ +/* $OpenBSD: if_pflow.c,v 1.61 2016/04/29 08:55:03 krw Exp $ */ /* * Copyright (c) 2011 Florian Obser <florian@narrans.de> @@ -65,6 +65,8 @@ SLIST_HEAD(, pflow_softc) pflowif_list; struct pflowstats pflowstats; void pflowattach(int); +int pflow_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, + struct rtentry *rt); int pflow_clone_create(struct if_clone *, int); int pflow_clone_destroy(struct ifnet *); void pflow_init_timeouts(struct pflow_softc *); @@ -114,6 +116,14 @@ pflowattach(int npflow) } int +pflow_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, + struct rtentry *rt) +{ + m_freem(m); /* drop packet */ + return (EAFNOSUPPORT); +} + +int pflow_clone_create(struct if_clone *ifc, int unit) { struct ifnet *ifp; @@ -222,7 +232,7 @@ pflow_clone_create(struct if_clone *ifc, int unit) snprintf(ifp->if_xname, sizeof ifp->if_xname, "pflow%d", unit); ifp->if_softc = pflowif; ifp->if_ioctl = pflowioctl; - ifp->if_output = NULL; + ifp->if_output = pflow_output; ifp->if_start = NULL; ifp->if_type = IFT_PFLOW; IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); diff --git a/sys/net/if_pfsync.c b/sys/net/if_pfsync.c index 0082c44661e..f3594e39db0 100644 --- a/sys/net/if_pfsync.c +++ b/sys/net/if_pfsync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pfsync.c,v 1.228 2016/03/29 10:34:42 sashan Exp $ */ +/* $OpenBSD: if_pfsync.c,v 1.229 2016/04/29 08:55:03 krw Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff @@ -1224,8 +1224,8 @@ int pfsyncoutput(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, struct rtentry *rt) { - m_freem(m); - return (0); + m_freem(m); /* drop packet */ + return (EAFNOSUPPORT); } int |