head 1.2; access; symbols perseant-exfatfs-base-20250801:1.2 perseant-exfatfs-base-20240630:1.2 perseant-exfatfs:1.2.0.44 perseant-exfatfs-base:1.2 cjep_sun2x:1.2.0.42 cjep_sun2x-base:1.2 cjep_staticlib_x-base1:1.2 cjep_staticlib_x:1.2.0.40 cjep_staticlib_x-base:1.2 phil-wifi-20200421:1.2 phil-wifi-20200411:1.2 phil-wifi-20200406:1.2 pgoyette-compat-merge-20190127:1.2 pgoyette-compat-20190127:1.2 pgoyette-compat-20190118:1.2 pgoyette-compat-1226:1.2 pgoyette-compat-1126:1.2 pgoyette-compat-1020:1.2 pgoyette-compat-0930:1.2 pgoyette-compat-0906:1.2 pgoyette-compat-0728:1.2 pgoyette-compat-0625:1.2 pgoyette-compat-0521:1.2 pgoyette-compat-0502:1.2 pgoyette-compat-0422:1.2 pgoyette-compat-0415:1.2 pgoyette-compat-0407:1.2 pgoyette-compat-0330:1.2 pgoyette-compat-0322:1.2 pgoyette-compat-0315:1.2 pgoyette-compat:1.2.0.38 pgoyette-compat-base:1.2 prg-localcount2-base3:1.2 prg-localcount2-base2:1.2 prg-localcount2-base1:1.2 prg-localcount2:1.2.0.36 prg-localcount2-base:1.2 pgoyette-localcount-20170426:1.2 bouyer-socketcan-base1:1.2 pgoyette-localcount-20170320:1.2 bouyer-socketcan:1.2.0.34 bouyer-socketcan-base:1.2 pgoyette-localcount-20170107:1.2 pgoyette-localcount-20161104:1.2 localcount-20160914:1.2 pgoyette-localcount-20160806:1.2 pgoyette-localcount-20160726:1.2 pgoyette-localcount:1.2.0.32 pgoyette-localcount-base:1.2 netbsd-5-2-3-RELEASE:1.2 netbsd-5-1-5-RELEASE:1.2 yamt-pagecache-base9:1.2 yamt-pagecache-tag8:1.2 tls-earlyentropy:1.2.0.28 tls-earlyentropy-base:1.2 riastradh-xf86-video-intel-2-7-1-pre-2-21-15:1.2 riastradh-drm2-base3:1.2 netbsd-5-2-2-RELEASE:1.2 netbsd-5-1-4-RELEASE:1.2 netbsd-5-2-1-RELEASE:1.2 netbsd-5-1-3-RELEASE:1.2 agc-symver:1.2.0.30 agc-symver-base:1.2 tls-maxphys-base:1.2 yamt-pagecache-base8:1.2 netbsd-5-2:1.2.0.26 yamt-pagecache-base7:1.2 netbsd-5-2-RELEASE:1.2 netbsd-5-2-RC1:1.2 yamt-pagecache-base6:1.2 yamt-pagecache-base5:1.2 yamt-pagecache-base4:1.2 netbsd-5-1-2-RELEASE:1.2 netbsd-5-1-1-RELEASE:1.2 yamt-pagecache-base3:1.2 yamt-pagecache-base2:1.2 yamt-pagecache:1.2.0.24 yamt-pagecache-base:1.2 bouyer-quota2-nbase:1.2 bouyer-quota2:1.2.0.22 bouyer-quota2-base:1.2 matt-nb5-pq3:1.2.0.20 matt-nb5-pq3-base:1.2 netbsd-5-1:1.2.0.18 netbsd-5-1-RELEASE:1.2 netbsd-5-1-RC4:1.2 netbsd-5-1-RC3:1.2 netbsd-5-1-RC2:1.2 netbsd-5-1-RC1:1.2 netbsd-5-0-2-RELEASE:1.2 netbsd-5-0-1-RELEASE:1.2 jym-xensuspend-nbase:1.2 netbsd-5-0:1.2.0.16 netbsd-5-0-RELEASE:1.2 netbsd-5-0-RC4:1.2 netbsd-5-0-RC3:1.2 netbsd-5-0-RC2:1.2 jym-xensuspend:1.2.0.14 jym-xensuspend-base:1.2 netbsd-5-0-RC1:1.2 netbsd-5:1.2.0.12 netbsd-5-base:1.2 mjf-devfs2:1.2.0.10 mjf-devfs2-base:1.2 yamt-pf42-base4:1.2 yamt-pf42-base3:1.2 hpcarm-cleanup-nbase:1.2 yamt-pf42-base2:1.2 yamt-pf42:1.2.0.8 yamt-pf42-base:1.2 keiichi-mipv6:1.2.0.6 keiichi-mipv6-base:1.2 cube-autoconf:1.2.0.4 cube-autoconf-base:1.2 hpcarm-cleanup:1.2.0.2 hpcarm-cleanup-base:1.2 v3-4-27:1.1.1.1 v3-4-25:1.1.1.1 v3-4-23:1.1.1.1 DARRENR:1.1.1; locks; strict; comment @# @; 1.2 date 2002.04.01.15.58.08; author jdolecek; state dead; branches; next 1.1; 1.1 date 2002.01.24.08.18.32; author martti; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 2002.01.24.08.18.32; author martti; state Exp; branches; next ; desc @@ 1.2 log @remove stuff not related to NetBSD @ text @*** ip6_input.c.orig Sun Sep 2 12:51:02 2001 --- ip6_input.c Mon Sep 3 22:25:23 2001 *************** *** 130,135 **** --- 130,138 ---- #ifdef PULLDOWN_TEST static struct mbuf *ip6_pullexthdr __P((struct mbuf *, size_t, int)); #endif + #if defined(IPFILTER) || defined(IPFILTER_LKM) + extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **)); + #endif /* * IP6 initialization: fill in IP6 protocol switch table. *************** *** 274,279 **** --- 277,302 ---- in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); goto bad; } + + #if defined(IPFILTER) || defined(IPFILTER_LKM) + /* + * Check if we want to allow this packet to be processed. + * Consider it to be bad if not. + */ + if (fr_checkp != NULL) { + struct mbuf *m0 = m; + + if ((*fr_checkp)((struct ip *)ip6, sizeof(*ip6), + m->m_pkthdr.rcvif, 0, &m0)) { + return; + } + m = m0; + if (m == 0) { /* in case of 'fastroute' */ + return; + } + ip6 = mtod(m, struct ip6_hdr *); + } + #endif ip6stat.ip6s_nxthist[ip6->ip6_nxt]++; *** ip6_output.c.orig Sun Sep 2 12:51:21 2001 --- ip6_output.c Mon Sep 3 22:27:46 2001 *************** *** 113,118 **** --- 113,122 ---- struct mbuf *ip6e_dest2; }; + #if defined(IPFILTER) || defined(IPFILTER_LKM) + extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **)); + #endif + static int ip6_pcbopts __P((struct ip6_pktopts **, struct mbuf *, struct socket *)); static int ip6_setmoptions __P((int, struct ip6_moptions **, struct mbuf *)); *************** *** 910,915 **** --- 914,938 ---- m->m_pkthdr.rcvif = NULL; } + + #if defined(IPFILTER) || defined(IPFILTER_LKM) + /* + * looks like most checking has been done now...do a filter check + */ + if (fr_checkp != NULL) { + struct mbuf *m1 = m; + if ((*fr_checkp)((struct ip *)ip6, sizeof(*ip6), ifp, 1, &m1)) { + error = EHOSTUNREACH; + goto done; + } + m = m1; + if (m1 == 0) { /* in case of 'fastroute' */ + error = 0; + goto done; + } + ip6 = mtod(m, struct ip6_hdr *); + } + #endif /* * Send the packet to the outgoing interface. * If necessary, do IPv6 fragmentation before sending. @ 1.1 log @Initial revision @ text @@ 1.1.1.1 log @Import IPFilter 3.4.23 @ text @@