git://git.onelab.eu
/
ipfw.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Remove debug message.
[ipfw.git]
/
dummynet
/
ip_fw_pfil.c
diff --git
a/dummynet/ip_fw_pfil.c
b/dummynet/ip_fw_pfil.c
index
3fa643c
..
368192a
100644
(file)
--- a/
dummynet/ip_fw_pfil.c
+++ b/
dummynet/ip_fw_pfil.c
@@
-126,10
+126,14
@@
again:
args.m = *m0;
args.inp = inp;
args.m = *m0;
args.inp = inp;
- ipfw = ipfw_chk(&args);
- *m0 = args.m;
tee = 0;
tee = 0;
+ if (V_fw_one_pass == 0 || args.rule == NULL) {
+ ipfw = ipfw_chk(&args);
+ *m0 = args.m;
+ } else
+ ipfw = IP_FW_PASS;
+
KASSERT(*m0 != NULL || ipfw == IP_FW_DENY, ("%s: m0 is NULL",
__func__));
KASSERT(*m0 != NULL || ipfw == IP_FW_DENY, ("%s: m0 is NULL",
__func__));
@@
-256,10
+260,14
@@
again:
args.m = *m0;
args.oif = ifp;
args.inp = inp;
args.m = *m0;
args.oif = ifp;
args.inp = inp;
- ipfw = ipfw_chk(&args);
- *m0 = args.m;
tee = 0;
tee = 0;
+ if (V_fw_one_pass == 0 || args.rule == NULL) {
+ ipfw = ipfw_chk(&args);
+ *m0 = args.m;
+ } else
+ ipfw = IP_FW_PASS;
+
KASSERT(*m0 != NULL || ipfw == IP_FW_DENY, ("%s: m0 is NULL",
__func__));
KASSERT(*m0 != NULL || ipfw == IP_FW_DENY, ("%s: m0 is NULL",
__func__));
@@
-504,38
+512,54
@@
ipfw6_unhook(void)
int
ipfw_chg_hook(SYSCTL_HANDLER_ARGS)
{
int
ipfw_chg_hook(SYSCTL_HANDLER_ARGS)
{
- int enable = *(int *)arg1;
+ int enable;
+ int oldenable;
int error;
int error;
+ if (arg1 == &VNET_NAME(fw_enable)) {
+ enable = V_fw_enable;
+ }
+#ifdef INET6
+ else if (arg1 == &VNET_NAME(fw6_enable)) {
+ enable = V_fw6_enable;
+ }
+#endif
+ else
+ return (EINVAL);
+
+ oldenable = enable;
+
error = sysctl_handle_int(oidp, &enable, 0, req);
error = sysctl_handle_int(oidp, &enable, 0, req);
+
if (error)
return (error);
enable = (enable) ? 1 : 0;
if (error)
return (error);
enable = (enable) ? 1 : 0;
- if (enable ==
*(int *)arg1
)
+ if (enable ==
oldenable
)
return (0);
return (0);
- if (arg1 == &
fw_enable
) {
+ if (arg1 == &
VNET_NAME(fw_enable)
) {
if (enable)
error = ipfw_hook();
else
error = ipfw_unhook();
if (enable)
error = ipfw_hook();
else
error = ipfw_unhook();
+ if (error)
+ return (error);
+ V_fw_enable = enable;
}
#ifdef INET6
}
#ifdef INET6
-
if (arg1 == &fw6_enable
) {
+
else if (arg1 == &VNET_NAME(fw6_enable)
) {
if (enable)
error = ipfw6_hook();
else
error = ipfw6_unhook();
if (enable)
error = ipfw6_hook();
else
error = ipfw6_unhook();
+ if (error)
+ return (error);
+ V_fw6_enable = enable;
}
#endif
}
#endif
- if (error)
- return (error);
-
- *(int *)arg1 = enable;
-
return (0);
}
return (0);
}