d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

udp6: allow udp_tun_func_t() to indicate it did not eat the packet

Browse Source 
Implement the same filter feature we implemented for UDP over IPv6 in
742e7210d. This was missed in that commit.

Pointed out by:	markj
Sponsored by:	Rubicon Communications, LLC ("Netgate")
This commit is contained in:
Kristof Provost 2022-04-22 16:11:31 +02:00
parent f010b9c2b9
commit 797b94504f
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
sys/netinet6/udp6_usrreq.c
View File

@ -146,6 +146,7 @@ udp6_append(struct inpcb *inp, struct mbuf *n, int off,
struct socket *so;
struct mbuf *opts = NULL, *tmp_opts;
struct udpcb *up;
bool filtered;
INP_LOCK_ASSERT(inp);
@ -156,10 +157,11 @@ udp6_append(struct inpcb *inp, struct mbuf *n, int off,
if (up->u_tun_func != NULL) {
in_pcbref(inp);
INP_RUNLOCK(inp);
(*up->u_tun_func)(n, off, inp, (struct sockaddr *)&fromsa[0],
up->u_tun_ctx);
filtered = (*up->u_tun_func)(n, off, inp,
(struct sockaddr *)&fromsa[0], up->u_tun_ctx);
INP_RLOCK(inp);
return (in_pcbrele_rlocked(inp));
if (filtered)
return (in_pcbrele_rlocked(inp));
}
#if defined(IPSEC) || defined(IPSEC_SUPPORT)
/* Check AH/ESP integrity. */