diff options
| author | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2011-04-05 13:48:19 +0000 |
|---|---|---|
| committer | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2011-04-05 13:48:19 +0000 |
| commit | df06e0bbd2c9c7b91b644dc988e13db95c084807 (patch) | |
| tree | 3235f72dc8a3d22e89e8b888ca2562bc2fd55e50 /sys | |
| parent | b5f0824109349c72649bc8f2582fe19f7060c99d (diff) | |
ditch fastroute, an ipf feature that made its way into pf before
route-to and friends were introduced making it obsolete. one even
has to look it up int the ipf manual to get and idea what it's
supposed to do. reuse some kernel bits for the upcoming nat64
stuff. "kill it with fire" from mcbride, "what mcbride said"
from mpf, "kill kill kill" and ok henning.
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/net/pf.c | 11 | ||||
| -rw-r--r-- | sys/net/pfvar.h | 4 |
2 files changed, 8 insertions, 7 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index 76712f57268..a0fc7e6e0ea 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.733 2011/04/04 17:44:43 henning Exp $ */ +/* $OpenBSD: pf.c,v 1.734 2011/04/05 13:48:18 mikeb Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -2640,7 +2640,7 @@ pf_set_rt_ifp(struct pf_state *s, struct pf_addr *saddr) struct pf_src_node *sn = NULL; s->rt_kif = NULL; - if (!r->rt || r->rt == PF_FASTROUTE) + if (!r->rt) return; switch (s->key[PF_SK_WIRE]->af) { #ifdef INET @@ -5087,7 +5087,7 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp, dst->sin_addr = ip->ip_dst; ro->ro_tableid = m0->m_pkthdr.rdomain; - if (r->rt == PF_FASTROUTE) { + if (!r->rt) { rtalloc(ro); if (ro->ro_rt == 0) { ipstat.ips_noroute++; @@ -5099,6 +5099,8 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp, if (ro->ro_rt->rt_flags & RTF_GATEWAY) dst = satosin(ro->ro_rt->rt_gateway); + + m0->m_pkthdr.pf.flags |= PF_TAG_GENERATED; } else { if (s == NULL) { if (pf_map_addr(AF_INET, r, (struct pf_addr *)&ip->ip_src, @@ -5262,8 +5264,7 @@ pf_route6(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp, dst->sin6_len = sizeof(*dst); dst->sin6_addr = ip6->ip6_dst; - /* Cheat. XXX why only in the v6 case??? */ - if (r->rt == PF_FASTROUTE) { + if (!r->rt) { m0->m_pkthdr.pf.flags |= PF_TAG_GENERATED; ip6_output(m0, NULL, NULL, 0, NULL, NULL, NULL); return; diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 4945d2ff5c1..4e06e8b3c60 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfvar.h,v 1.324 2011/03/25 10:54:22 claudio Exp $ */ +/* $OpenBSD: pfvar.h,v 1.325 2011/04/05 13:48:18 mikeb Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -105,7 +105,7 @@ enum { PFTM_TCP_FIRST_PACKET, PFTM_TCP_OPENING, PFTM_TCP_ESTABLISHED, #define PFTM_SRC_NODE_VAL 0 /* Source tracking */ #define PFTM_TS_DIFF_VAL 30 /* Allowed TS diff */ -enum { PF_NOPFROUTE, PF_FASTROUTE, PF_ROUTETO, PF_DUPTO, PF_REPLYTO }; +enum { PF_NOPFROUTE, PF_ROUTETO, PF_DUPTO, PF_REPLYTO }; enum { PF_LIMIT_STATES, PF_LIMIT_SRC_NODES, PF_LIMIT_FRAGS, PF_LIMIT_TABLES, PF_LIMIT_TABLE_ENTRIES, PF_LIMIT_MAX }; #define PF_POOL_IDMASK 0x0f |