Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 16 Sep 2010 15:11:18 +0000 (UTC)
From:      Gleb Smirnoff <glebius@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org
Subject:   svn commit: r212738 - in stable/8/sys: netgraph netinet/ipfw
Message-ID:  <201009161511.o8GFBIl9095339@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: glebius
Date: Thu Sep 16 15:11:17 2010
New Revision: 212738
URL: http://svn.freebsd.org/changeset/base/212738

Log:
  MFhead r210537:
    Fix operation of "netgraph" action in conjunction with the
    net.inet.ip.fw.one_pass sysctl.
  
    PR:           kern/148885
    Submitted by: Nickolay Dudorov <nnd mail.nsk.ru>

Modified:
  stable/8/sys/netgraph/ng_ipfw.c
  stable/8/sys/netinet/ipfw/ip_fw2.c
Directory Properties:
  stable/8/sys/   (props changed)
  stable/8/sys/amd64/include/xen/   (props changed)
  stable/8/sys/cddl/contrib/opensolaris/   (props changed)
  stable/8/sys/contrib/dev/acpica/   (props changed)
  stable/8/sys/contrib/pf/   (props changed)
  stable/8/sys/dev/xen/xenpci/   (props changed)

Modified: stable/8/sys/netgraph/ng_ipfw.c
==============================================================================
--- stable/8/sys/netgraph/ng_ipfw.c	Thu Sep 16 15:07:12 2010	(r212737)
+++ stable/8/sys/netgraph/ng_ipfw.c	Thu Sep 16 15:11:17 2010	(r212738)
@@ -287,7 +287,8 @@ ng_ipfw_input(struct mbuf **m0, int dir,
 		}
 		r = (struct ipfw_rule_ref *)(tag + 1);
 		*r = fwa->rule;
-		r->info = dir ? IPFW_INFO_IN : IPFW_INFO_OUT;
+		r->info &= IPFW_ONEPASS;  /* keep this info */
+		r->info |= dir ? IPFW_INFO_IN : IPFW_INFO_OUT;
 		m_tag_prepend(m, tag);
 
 	} else

Modified: stable/8/sys/netinet/ipfw/ip_fw2.c
==============================================================================
--- stable/8/sys/netinet/ipfw/ip_fw2.c	Thu Sep 16 15:07:12 2010	(r212737)
+++ stable/8/sys/netinet/ipfw/ip_fw2.c	Thu Sep 16 15:11:17 2010	(r212738)
@@ -2084,6 +2084,8 @@ do {								\
 				set_match(args, f_pos, chain);
 				args->rule.info = (cmd->arg1 == IP_FW_TABLEARG) ?
 					tablearg : cmd->arg1;
+				if (V_fw_one_pass)
+					args->rule.info |= IPFW_ONEPASS;
 				retval = (cmd->opcode == O_NETGRAPH) ?
 				    IP_FW_NETGRAPH : IP_FW_NGTEE;
 				l = 0;          /* exit inner loop */

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201009161511.o8GFBIl9095339>