summaryrefslogtreecommitdiff
path: root/sys
diff options
context:
space:
mode:
Diffstat (limited to 'sys')
-rw-r--r--sys/net/pf.c18
-rw-r--r--sys/net/pfvar.h4
-rw-r--r--sys/netinet/ipsec_input.c5
-rw-r--r--sys/netinet/ipsec_output.c5
4 files changed, 10 insertions, 22 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c
index 1a8786c3557..df9b3048427 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.727 2011/02/23 15:46:14 mikeb Exp $ */
+/* $OpenBSD: pf.c,v 1.728 2011/03/05 01:53:16 bluhm Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -2293,17 +2293,13 @@ pf_match_rcvif(struct mbuf *m, struct pf_rule *r)
return (pfi_kif_match(r->rcv_kif, kif));
}
-int
+void
pf_tag_packet(struct mbuf *m, int tag, int rtableid)
{
- if (tag <= 0 && rtableid < 0)
- return (0);
if (tag > 0)
m->m_pkthdr.pf.tag = tag;
if (rtableid >= 0)
m->m_pkthdr.rdomain = rtableid;
-
- return (0);
}
void
@@ -2988,10 +2984,7 @@ pf_test_rule(struct pf_rule **rm, struct pf_state **sm, int direction,
if (r->action == PF_DROP)
goto cleanup;
- if (pf_tag_packet(m, tag, act.rtableid)) {
- REASON_SET(&reason, PFRES_MEMORY);
- goto cleanup;
- }
+ pf_tag_packet(m, tag, act.rtableid);
if (act.rtableid >= 0 &&
rtable_l2(act.rtableid) != pd->rdomain)
pd->destchg = 1;
@@ -3465,10 +3458,7 @@ pf_test_fragment(struct pf_rule **rm, int direction, struct pfi_kif *kif,
if (r->action == PF_DROP)
return (PF_DROP);
- if (pf_tag_packet(m, tag, -1)) {
- REASON_SET(&reason, PFRES_MEMORY);
- return (PF_DROP);
- }
+ pf_tag_packet(m, tag, -1);
return (PF_PASS);
}
diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
index 6266f89f51a..f1d852b70ec 100644
--- a/sys/net/pfvar.h
+++ b/sys/net/pfvar.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfvar.h,v 1.320 2011/01/11 13:35:58 mcbride Exp $ */
+/* $OpenBSD: pfvar.h,v 1.321 2011/03/05 01:53:16 bluhm Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -1867,7 +1867,7 @@ u_int16_t pf_tagname2tag(char *);
void pf_tag2tagname(u_int16_t, char *);
void pf_tag_ref(u_int16_t);
void pf_tag_unref(u_int16_t);
-int pf_tag_packet(struct mbuf *, int, int);
+void pf_tag_packet(struct mbuf *, int, int);
u_int32_t pf_qname2qid(char *);
void pf_qid2qname(u_int32_t, char *);
void pf_qid_unref(u_int32_t);
diff --git a/sys/netinet/ipsec_input.c b/sys/netinet/ipsec_input.c
index 1c565a10040..54cb2484778 100644
--- a/sys/netinet/ipsec_input.c
+++ b/sys/netinet/ipsec_input.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipsec_input.c,v 1.99 2010/12/21 19:16:15 markus Exp $ */
+/* $OpenBSD: ipsec_input.c,v 1.100 2011/03/05 01:53:16 bluhm Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -574,8 +574,7 @@ ipsec_common_input_cb(struct mbuf *m, struct tdb *tdbp, int skip, int protoff,
#if NPF > 0
/* Add pf tag if requested. */
- if (pf_tag_packet(m, tdbp->tdb_tag, -1))
- DPRINTF(("failed to tag ipsec packet\n"));
+ pf_tag_packet(m, tdbp->tdb_tag, -1);
pf_pkt_addr_changed(m);
#endif
diff --git a/sys/netinet/ipsec_output.c b/sys/netinet/ipsec_output.c
index 13601532e09..530b17336b4 100644
--- a/sys/netinet/ipsec_output.c
+++ b/sys/netinet/ipsec_output.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipsec_output.c,v 1.43 2010/07/09 16:58:06 reyk Exp $ */
+/* $OpenBSD: ipsec_output.c,v 1.44 2011/03/05 01:53:16 bluhm Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
*
@@ -501,8 +501,7 @@ ipsp_process_done(struct mbuf *m, struct tdb *tdb)
#if NPF > 0
/* Add pf tag if requested. */
- if (pf_tag_packet(m, tdb->tdb_tag, -1))
- DPRINTF(("failed to tag ipsec packet\n"));
+ pf_tag_packet(m, tdb->tdb_tag, -1);
pf_pkt_addr_changed(m);
#endif