diff options
| author | Gleb Smirnoff <glebius@FreeBSD.org> | 2005-02-05 12:06:33 +0000 |
|---|---|---|
| committer | Gleb Smirnoff <glebius@FreeBSD.org> | 2005-02-05 12:06:33 +0000 |
| commit | 670742a102254a7dc8a355d86925d6e1903900d2 (patch) | |
| tree | ba193f3100298c12106c55572c263d432178852d /sys/netinet/ip_fw2.c | |
| parent | fbad9e2d95b59d1c0403f04df62d6d7cb4ea7c4a (diff) | |
| download | src-670742a102254a7dc8a355d86925d6e1903900d2.tar.gz src-670742a102254a7dc8a355d86925d6e1903900d2.zip | |
Notes
Diffstat (limited to 'sys/netinet/ip_fw2.c')
| -rw-r--r-- | sys/netinet/ip_fw2.c | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/sys/netinet/ip_fw2.c b/sys/netinet/ip_fw2.c index 172de80f56a5..57aa13c897f2 100644 --- a/sys/netinet/ip_fw2.c +++ b/sys/netinet/ip_fw2.c @@ -77,6 +77,9 @@ #include <netinet/tcpip.h> #include <netinet/udp.h> #include <netinet/udp_var.h> + +#include <netgraph/ng_ipfw.h> + #include <altq/if_altq.h> #ifdef IPSEC @@ -649,6 +652,14 @@ ipfw_log(struct ip_fw *f, u_int hlen, struct ether_header *eh, sa->sa.sin_port); } break; + case O_NETGRAPH: + snprintf(SNPARGS(action2, 0), "Netgraph %d", + cmd->arg1); + break; + case O_NGTEE: + snprintf(SNPARGS(action2, 0), "Ngtee %d", + cmd->arg1); + break; default: action = "UNKNOWN"; break; @@ -2528,6 +2539,14 @@ check_body: retval = IP_FW_PASS; goto done; + case O_NETGRAPH: + case O_NGTEE: + args->rule = f; /* report matching rule */ + args->cookie = cmd->arg1; + retval = (cmd->opcode == O_NETGRAPH) ? + IP_FW_NETGRAPH : IP_FW_NGTEE; + goto done; + default: panic("-- unknown opcode %d\n", cmd->opcode); } /* end of switch() on opcodes */ @@ -3108,6 +3127,10 @@ check_ipfw_struct(struct ip_fw *rule, int size) case O_TEE: if (ip_divert_ptr == NULL) return EINVAL; + case O_NETGRAPH: + case O_NGTEE: + if (!NG_IPFW_LOADED) + return EINVAL; case O_FORWARD_MAC: /* XXX not implemented yet */ case O_CHECK_STATE: case O_COUNT: |