Reset ip_divert_ignore to zero immediately after use - also,

set it in the first place, independent of whether sin->sin_port is set. The result is that diverted packets that are being forwarded will be diverted once and only once on the way in (ip_input()) and again, once and only once on the way out (ip_output()) - twice in total. ICMP packets that don't contain a port will now also be diverted.
svn path=/head/; revision=22212
1997-02-02 16:33:12 +00:00 · 1997-02-02 16:33:12 +00:00 · d81e40431a · 2020-12-20 02:59:44 +00:00
commit d81e40431a
parent 635b1c4908
3 changed files with 3 additions and 2 deletions
--- a/sys/netinet/ip_divert.c
+++ b/sys/netinet/ip_divert.c
@ -206,8 +206,7 @@ div_output(so, m, addr, control)
 		sin = mtod(addr, struct sockaddr_in *);

 	/* Loopback avoidance option */
-	if (sin && sin->sin_port)
-		ip_divert_ignore = ntohs(inp->inp_lport);
+	ip_divert_ignore = ntohs(inp->inp_lport);

 	/* Reinject packet into the system as incoming or outgoing */
 	if (!sin || sin->sin_addr.s_addr == 0) {
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@ -320,6 +320,7 @@ ip_input(struct mbuf *m)
 #ifdef IPDIVERT
 		action = (*ip_fw_chk_ptr)(&ip, hlen,
 				m->m_pkthdr.rcvif, ip_divert_ignore, &m);
+		ip_divert_ignore = 0;
 #else
 		action = (*ip_fw_chk_ptr)(&ip, hlen, m->m_pkthdr.rcvif, 0, &m);
 #endif
--- a/sys/netinet/ip_output.c
+++ b/sys/netinet/ip_output.c
@ -355,6 +355,7 @@ ip_output(m0, opt, ro, flags, imo)
 #ifdef IPDIVERT
 		action = (*ip_fw_chk_ptr)(&ip,
 				hlen, ifp, (~0 << 16) | ip_divert_ignore, &m);
+		ip_divert_ignore = 0;
 #else
 		action = (*ip_fw_chk_ptr)(&ip, hlen, ifp, (~0 << 16), &m);
 #endif