summaryrefslogtreecommitdiff
path: root/sys/net
diff options
context:
space:
mode:
Diffstat (limited to 'sys/net')
-rw-r--r--sys/net/pf_norm.c5
-rw-r--r--sys/net/pfvar.h3
2 files changed, 6 insertions, 2 deletions
diff --git a/sys/net/pf_norm.c b/sys/net/pf_norm.c
index c67836e5bfa..b9759a0e9d9 100644
--- a/sys/net/pf_norm.c
+++ b/sys/net/pf_norm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_norm.c,v 1.2 2001/07/17 21:54:26 provos Exp $ */
+/* $OpenBSD: pf_norm.c,v 1.3 2001/07/17 22:22:14 provos Exp $ */
/*
* Copyright 2001 Niels Provos <provos@citi.umich.edu>
@@ -516,6 +516,9 @@ pf_normalize_ip(struct mbuf **m0, int dir, struct ifnet *ifp, u_short *reason)
else
h->ip_off &= IP_DF;
+ /* Enforce a minimum ttl, may cause endless packet loops */
+ if (r->min_ttl && h->ip_ttl < r->min_ttl)
+ h->ip_ttl = r->min_ttl;
return (PF_PASS);
diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
index c92d2731e5f..38201247d77 100644
--- a/sys/net/pfvar.h
+++ b/sys/net/pfvar.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfvar.h,v 1.34 2001/07/17 21:54:26 provos Exp $ */
+/* $OpenBSD: pfvar.h,v 1.35 2001/07/17 22:22:15 provos Exp $ */
/*
* Copyright (c) 2001, Daniel Hartmeier
@@ -73,6 +73,7 @@ struct pf_rule {
u_int8_t flagset;
u_int8_t rule_flag;
+ u_int8_t min_ttl; /* minimum ttl for packet normalize */
};
#define PFRULE_RETURNRST 0x01
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-15 05:04:47 +0000