diff options
| -rw-r--r-- | sys/net/if_bridge.c | 10 | ||||
| -rw-r--r-- | sys/net/pf.c | 22 | ||||
| -rw-r--r-- | sys/net/pfvar.h | 8 | ||||
| -rw-r--r-- | sys/netinet/ip_input.c | 4 | ||||
| -rw-r--r-- | sys/netinet/ip_output.c | 6 | ||||
| -rw-r--r-- | sys/netinet6/ip6_forward.c | 4 | ||||
| -rw-r--r-- | sys/netinet6/ip6_input.c | 4 | ||||
| -rw-r--r-- | sys/netinet6/ip6_output.c | 4 |
8 files changed, 24 insertions, 38 deletions
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c index 714853b41ec..f59549ce66f 100644 --- a/sys/net/if_bridge.c +++ b/sys/net/if_bridge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_bridge.c,v 1.134 2004/05/04 18:03:58 canacar Exp $ */ +/* $OpenBSD: if_bridge.c,v 1.135 2004/06/21 19:26:01 mcbride Exp $ */ /* * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net) @@ -2297,7 +2297,7 @@ bridge_ipsec(int dir, int af, int hlen, struct mbuf *m) #ifdef INET case AF_INET: if (pf_test(dir, &encif[0].sc_if, - &m) != PF_PASS) { + &m, NULL) != PF_PASS) { m_freem(m); return (1); } @@ -2306,7 +2306,7 @@ bridge_ipsec(int dir, int af, int hlen, struct mbuf *m) #ifdef INET6 case AF_INET6: if (pf_test6(dir, &encif[0].sc_if, - &m) != PF_PASS) { + &m, NULL) != PF_PASS) { m_freem(m); return (1); } @@ -2432,7 +2432,7 @@ bridge_filter(struct bridge_softc *sc, int dir, struct ifnet *ifp, #if NPF > 0 /* Finally, we get to filter the packet! */ m->m_pkthdr.rcvif = ifp; - if (pf_test_eh(dir, ifp, &m, eh) != PF_PASS) + if (pf_test(dir, ifp, &m, eh) != PF_PASS) goto dropit; if (m == NULL) goto dropit; @@ -2478,7 +2478,7 @@ bridge_filter(struct bridge_softc *sc, int dir, struct ifnet *ifp, #endif /* IPSEC */ #if NPF > 0 - if (pf_test6_eh(dir, ifp, &m, eh) != PF_PASS) + if (pf_test6(dir, ifp, &m, eh) != PF_PASS) goto dropit; if (m == NULL) return (NULL); diff --git a/sys/net/pf.c b/sys/net/pf.c index c2d7181de2d..826fb6f57d0 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.451 2004/06/10 14:22:54 dhartmei Exp $ */ +/* $OpenBSD: pf.c,v 1.452 2004/06/21 19:26:01 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -5035,7 +5035,7 @@ pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp, goto bad; if (oifp != ifp) { - if (pf_test(PF_OUT, ifp, &m0) != PF_PASS) + if (pf_test(PF_OUT, ifp, &m0, NULL) != PF_PASS) goto bad; else if (m0 == NULL) goto done; @@ -5228,7 +5228,7 @@ pf_route6(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp, goto bad; if (oifp != ifp) { - if (pf_test6(PF_OUT, ifp, &m0) != PF_PASS) + if (pf_test6(PF_OUT, ifp, &m0, NULL) != PF_PASS) goto bad; else if (m0 == NULL) goto done; @@ -5372,13 +5372,7 @@ pf_add_mbuf_tag(struct mbuf *m, u_int tag) #ifdef INET int -pf_test(int dir, struct ifnet *ifp, struct mbuf **m0) -{ - return pf_test_eh(dir, ifp, m0, NULL); -} - -int -pf_test_eh(int dir, struct ifnet *ifp, struct mbuf **m0, +pf_test(int dir, struct ifnet *ifp, struct mbuf **m0, struct ether_header *eh) { struct pfi_kif *kif; @@ -5685,13 +5679,7 @@ done: #ifdef INET6 int -pf_test6(int dir, struct ifnet *ifp, struct mbuf **m0) -{ - return pf_test6_eh(dir, ifp, m0, NULL); -} - -int -pf_test6_eh(int dir, struct ifnet *ifp, struct mbuf **m0, +pf_test6(int dir, struct ifnet *ifp, struct mbuf **m0, struct ether_header *eh) { struct pfi_kif *kif; diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 0961bc04d57..23ff4358ff1 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfvar.h,v 1.197 2004/06/14 20:53:27 cedric Exp $ */ +/* $OpenBSD: pfvar.h,v 1.198 2004/06/21 19:26:01 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1341,13 +1341,11 @@ void pf_rm_rule(struct pf_rulequeue *, struct pf_rule *); #ifdef INET -int pf_test(int, struct ifnet *, struct mbuf **); -int pf_test_eh(int, struct ifnet *, struct mbuf **, struct ether_header *); +int pf_test(int, struct ifnet *, struct mbuf **, struct ether_header *); #endif /* INET */ #ifdef INET6 -int pf_test6(int, struct ifnet *, struct mbuf **); -int pf_test6_eh(int, struct ifnet *, struct mbuf **, struct ether_header *); +int pf_test6(int, struct ifnet *, struct mbuf **, struct ether_header *); void pf_poolmask(struct pf_addr *, struct pf_addr*, struct pf_addr *, struct pf_addr *, u_int8_t); void pf_addr_inc(struct pf_addr *, sa_family_t); diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index e087115e8c8..4aba7e9e44c 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_input.c,v 1.119 2004/06/06 16:49:09 cedric Exp $ */ +/* $OpenBSD: ip_input.c,v 1.120 2004/06/21 19:26:01 mcbride Exp $ */ /* $NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $ */ /* @@ -396,7 +396,7 @@ ipv4_input(m) * Packet filter */ pfrdr = ip->ip_dst.s_addr; - if (pf_test(PF_IN, m->m_pkthdr.rcvif, &m) != PF_PASS) + if (pf_test(PF_IN, m->m_pkthdr.rcvif, &m, NULL) != PF_PASS) goto bad; if (m == NULL) return; diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index 4d7ac283683..701134d30cf 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_output.c,v 1.164 2004/06/21 18:34:52 markus Exp $ */ +/* $OpenBSD: ip_output.c,v 1.165 2004/06/21 19:26:01 mcbride Exp $ */ /* $NetBSD: ip_output.c,v 1.28 1996/02/13 23:43:07 christos Exp $ */ /* @@ -592,7 +592,7 @@ sendit: */ #if NPF > 0 - if (pf_test(PF_OUT, &encif[0].sc_if, &m) != PF_PASS) { + if (pf_test(PF_OUT, &encif[0].sc_if, &m, NULL) != PF_PASS) { error = EHOSTUNREACH; splx(s); m_freem(m); @@ -694,7 +694,7 @@ sendit: * Packet filter */ #if NPF > 0 - if (pf_test(PF_OUT, ifp, &m) != PF_PASS) { + if (pf_test(PF_OUT, ifp, &m, NULL) != PF_PASS) { error = EHOSTUNREACH; m_freem(m); goto done; diff --git a/sys/netinet6/ip6_forward.c b/sys/netinet6/ip6_forward.c index 342d49d1b8b..bda61eb63e5 100644 --- a/sys/netinet6/ip6_forward.c +++ b/sys/netinet6/ip6_forward.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip6_forward.c,v 1.28 2004/02/02 20:13:01 cedric Exp $ */ +/* $OpenBSD: ip6_forward.c,v 1.29 2004/06/21 19:26:02 mcbride Exp $ */ /* $KAME: ip6_forward.c,v 1.75 2001/06/29 12:42:13 jinmei Exp $ */ /* @@ -429,7 +429,7 @@ ip6_forward(m, srcrt) ip6->ip6_dst.s6_addr16[1] = 0; #if NPF > 0 - if (pf_test6(PF_OUT, rt->rt_ifp, &m) != PF_PASS) { + if (pf_test6(PF_OUT, rt->rt_ifp, &m, NULL) != PF_PASS) { m_freem(m); goto senderr; } diff --git a/sys/netinet6/ip6_input.c b/sys/netinet6/ip6_input.c index 4d1fb45dad1..ed270e8b788 100644 --- a/sys/netinet6/ip6_input.c +++ b/sys/netinet6/ip6_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip6_input.c,v 1.58 2004/06/01 03:19:27 itojun Exp $ */ +/* $OpenBSD: ip6_input.c,v 1.59 2004/06/21 19:26:02 mcbride Exp $ */ /* $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $ */ /* @@ -325,7 +325,7 @@ ip6_input(m) * Packet filter */ odst = ip6->ip6_dst; - if (pf_test6(PF_IN, m->m_pkthdr.rcvif, &m) != PF_PASS) + if (pf_test6(PF_IN, m->m_pkthdr.rcvif, &m, NULL) != PF_PASS) goto bad; if (m == NULL) return; diff --git a/sys/netinet6/ip6_output.c b/sys/netinet6/ip6_output.c index 7d0433b798c..b6e2e63fa4e 100644 --- a/sys/netinet6/ip6_output.c +++ b/sys/netinet6/ip6_output.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip6_output.c,v 1.85 2004/06/12 04:58:48 itojun Exp $ */ +/* $OpenBSD: ip6_output.c,v 1.86 2004/06/21 19:26:02 mcbride Exp $ */ /* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */ /* @@ -788,7 +788,7 @@ ip6_output(m0, opt, ro, flags, im6o, ifpp) } #if NPF > 0 - if (pf_test6(PF_OUT, ifp, &m) != PF_PASS) { + if (pf_test6(PF_OUT, ifp, &m, NULL) != PF_PASS) { error = EHOSTUNREACH; m_freem(m); goto done; |