From e7979e30e8ae4854f6b6e26eee9c7c526d0e0a37 Mon Sep 17 00:00:00 2001 From: Niels Provos Date: Tue, 17 Jul 2001 22:22:18 +0000 Subject: support min-ttl, okay dhartmei@ --- sys/net/pf_norm.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'sys/net/pf_norm.c') diff --git a/sys/net/pf_norm.c b/sys/net/pf_norm.c index c67836e5bfa..b9759a0e9d9 100644 --- a/sys/net/pf_norm.c +++ b/sys/net/pf_norm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_norm.c,v 1.2 2001/07/17 21:54:26 provos Exp $ */ +/* $OpenBSD: pf_norm.c,v 1.3 2001/07/17 22:22:14 provos Exp $ */ /* * Copyright 2001 Niels Provos @@ -516,6 +516,9 @@ pf_normalize_ip(struct mbuf **m0, int dir, struct ifnet *ifp, u_short *reason) else h->ip_off &= IP_DF; + /* Enforce a minimum ttl, may cause endless packet loops */ + if (r->min_ttl && h->ip_ttl < r->min_ttl) + h->ip_ttl = r->min_ttl; return (PF_PASS); -- cgit v1.2.3