diff options
author | Niels Provos <provos@cvs.openbsd.org> | 2001-07-17 21:54:28 +0000 |
---|---|---|
committer | Niels Provos <provos@cvs.openbsd.org> | 2001-07-17 21:54:28 +0000 |
commit | 5b5d6a6789a07db25d822e6cdc8faa22b41e4711 (patch) | |
tree | 365e6ecc9ea7110736f16283d8e4d8485a9865b8 /sys/net/pf_norm.c | |
parent | ea39f2de65a8a34702e80c95d96f70aace6bce30 (diff) |
normalize ip_off, make IP_DF stripping optional, return rst is a flag now.
okay markus@
Diffstat (limited to 'sys/net/pf_norm.c')
-rw-r--r-- | sys/net/pf_norm.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/sys/net/pf_norm.c b/sys/net/pf_norm.c index 25b964f2c01..c67836e5bfa 100644 --- a/sys/net/pf_norm.c +++ b/sys/net/pf_norm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_norm.c,v 1.1 2001/07/17 20:35:26 provos Exp $ */ +/* $OpenBSD: pf_norm.c,v 1.2 2001/07/17 21:54:26 provos Exp $ */ /* * Copyright 2001 Niels Provos <provos@citi.umich.edu> @@ -510,6 +510,13 @@ pf_normalize_ip(struct mbuf **m0, int dir, struct ifnet *ifp, u_short *reason) if (dir != PF_OUT) return (PF_PASS); + /* At this point, only IP_DF is allowed in ip_off */ + if (r->rule_flag & PFRULE_NODF) + h->ip_off = 0; + else + h->ip_off &= IP_DF; + + return (PF_PASS); drop: |