summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sys/net/pf.c23
-rw-r--r--sys/net/pfvar.h3
-rw-r--r--sys/netinet/ip_input.c22
3 files changed, 33 insertions, 15 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c
index f16a2e15ed4..3b56da2847e 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.978 2016/06/21 16:45:37 bluhm Exp $ */
+/* $OpenBSD: pf.c,v 1.979 2016/07/18 13:17:44 bluhm Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -6761,6 +6761,27 @@ pf_cksum(struct pf_pdesc *pd, struct mbuf *m)
}
}
+int
+pf_ouraddr(struct mbuf *m)
+{
+ struct pf_state_key *sk;
+
+ if (m->m_pkthdr.pf.flags & PF_TAG_DIVERTED)
+ return (1);
+
+ sk = m->m_pkthdr.pf.statekey;
+ if (sk != NULL) {
+ if (sk->inp != NULL)
+ return (1);
+
+ /* If we have linked state keys it is certainly forwarded. */
+ if (sk->reverse != NULL)
+ return (0);
+ }
+
+ return (-1);
+}
+
/*
* must be called whenever any addressing information such as
* address, port, protocol has changed
diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
index 394c0dea96b..3ae27999a4b 100644
--- a/sys/net/pfvar.h
+++ b/sys/net/pfvar.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfvar.h,v 1.431 2016/03/29 10:34:42 sashan Exp $ */
+/* $OpenBSD: pfvar.h,v 1.432 2016/07/18 13:17:44 bluhm Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -1763,6 +1763,7 @@ int pf_rtlabel_match(struct pf_addr *, sa_family_t, struct pf_addr_wrap *,
int);
int pf_socket_lookup(struct pf_pdesc *);
struct pf_state_key *pf_alloc_state_key(int);
+int pf_ouraddr(struct mbuf *);
void pf_pkt_addr_changed(struct mbuf *);
struct inpcb *pf_inp_lookup(struct mbuf *);
void pf_inp_link(struct mbuf *, struct inpcb *);
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index 432ca7866d0..51f9986e9f6 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_input.c,v 1.277 2016/06/18 10:36:13 vgross Exp $ */
+/* $OpenBSD: ip_input.c,v 1.278 2016/07/18 13:17:44 bluhm Exp $ */
/* $NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $ */
/*
@@ -592,20 +592,16 @@ in_ouraddr(struct mbuf *m, struct ifnet *ifp, struct rtentry **prt)
struct ip *ip;
struct sockaddr_in sin;
int match = 0;
-#if NPF > 0
- struct pf_state_key *key;
- if (m->m_pkthdr.pf.flags & PF_TAG_DIVERTED)
+#if NPF > 0
+ switch (pf_ouraddr(m)) {
+ case 0:
+ return (0);
+ case 1:
return (1);
-
- key = m->m_pkthdr.pf.statekey;
- if (key != NULL) {
- if (key->inp != NULL)
- return (1);
-
- /* If we have linked state keys it is certainly forwarded. */
- if (key->reverse != NULL)
- return (0);
+ default:
+ /* pf does not know it */
+ break;
}
#endif