d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Implement comments embedded into ipfw2 instructions.

Browse Source 
Since we already had 'O_NOP' instructions which always match, all
I needed to do is allow the NOP command to have arbitrary length
(i.e. move its label in a different part of the switch() which
validates instructions).

The kernel must know nothing about comments, everything else is
done in userland (which will be described in the upcoming ipfw2.c
commit).
This commit is contained in:
Luigi Rizzo 2003-07-12 05:54:17 +00:00
parent 480d3dd2ea
commit 72e02d4dac
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sys/netinet/ip_fw2.c
View File

@ -2389,7 +2389,6 @@ check_ipfw_struct(struct ip_fw *rule, int size)
}
DEB(printf("ipfw: opcode %d\n", cmd->opcode);)
switch (cmd->opcode) {
case O_NOP:
case O_PROBE_STATE:
case O_KEEP_STATE:
case O_PROTO:
@ -2462,6 +2461,7 @@ check_ipfw_struct(struct ip_fw *rule, int size)
goto bad_size;
break;
case O_NOP:
case O_IPID:
case O_IPTTL:
case O_IPLEN: