Remove the option to keep IPFW diversion backwards compatible

WRT diversion reinjection. No-one has been bitten by the new behaviour that I know of.
1998-07-02 05:49:12 +00:00 · 1998-07-02 05:49:12 +00:00 · 8286a7feb0
commit 8286a7feb0
parent 84a8617808
3 changed files with 5 additions and 48 deletions
--- a/sys/netinet/ip_divert.c
+++ b/sys/netinet/ip_divert.c
@ -30,7 +30,7 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- *	$Id: ip_divert.c,v 1.30 1998/06/12 01:54:29 julian Exp $
+ *	$Id: ip_divert.c,v 1.31 1998/06/12 02:48:47 julian Exp $
 */

 #include "opt_inet.h"
@ -83,11 +83,6 @@
 u_short ip_divert_port;

 /*
- * #ifdef IPFW_DIVERT_OLDRESTART
- * We set this value to a non-zero port number when we want the call to
- * ip_fw_chk() in ip_input() or ip_output() to ignore ``divert <port>''
- * chain entries. This is stored in host order.
- * #else
 * A 16 bit cookie is passed to the user process.
 * The user process can send it back to help the caller know something
 * about where the packet came from.
@ -97,7 +92,6 @@ u_short ip_divert_port;
 * should continue. Leaving it the same will make processing start
 * at the rule number after that which sent it here. Setting it to
 * 0 will restart processing at the beginning. 
- * #endif 
 */
 u_int16_t ip_divert_cookie;

@ -163,11 +157,7 @@ div_input(struct mbuf *m, int hlen)
 	ip = mtod(m, struct ip *);

 	/* Record divert port */
-#ifdef IPFW_DIVERT_OLDRESTART
-	divsrc.sin_port = htons(ip_divert_cookie);
-#else
 	divsrc.sin_port = ip_divert_cookie;
-#endif /* IPFW_DIVERT_OLDRESTART */
 	ip_divert_cookie = 0;

 	/* Restore packet header fields */
@ -274,11 +264,7 @@ div_output(so, m, addr, control)
 	if (sin) {
 		int	len = 0;
 		char	*c = sin->sin_zero;
-#ifdef IPFW_DIVERT_OLDRESTART
-		ip_divert_cookie = ntohs(sin->sin_port);
-#else
 		ip_divert_cookie = sin->sin_port;
-#endif /* IPFW_DIVERT_OLDRESTART */

 		/*
 		 * Find receive interface with the given name or IP address.
--- a/sys/netinet/ip_fw.c
+++ b/sys/netinet/ip_fw.c
@ -12,7 +12,7 @@
 *
 * This software is provided ``AS IS'' without any warranties of any kind.
 *
- *	$Id: ip_fw.c,v 1.89 1998/06/12 20:03:26 julian Exp $
+ *	$Id: ip_fw.c,v 1.90 1998/06/21 14:53:30 bde Exp $
 */

 /*
@ -380,11 +380,7 @@ ipfw_report(struct ip_fw *f, struct ip *ip,
 *	ip	Pointer to packet header (struct ip *)
 *	hlen	Packet header length
 *	oif	Outgoing interface, or NULL if packet is incoming
- * #ifdef IPFW_DIVERT_OLDRESTART
- *	*ignport	Ignore all divert/tee rules to this port (if non-zero)
- * #else
 *	*cookie Skip up to the first rule past this rule number;
- * #endif
 *	*m	The packet; we set to NULL when/if we nuke it.
 *
 * Return value:
@ -405,23 +401,13 @@ ip_fw_chk(struct ip **pip, int hlen,
 	struct ifnet *const rif = (*m)->m_pkthdr.rcvif;
 	u_short offset = (ip->ip_off & IP_OFFMASK);
 	u_short src_port, dst_port;
-#ifdef	IPFW_DIVERT_OLDRESTART
-	u_int16_t ignport = *cookie;
-#else
 	u_int16_t skipto = *cookie;
-#endif /* IPFW_DIVERT_OLDRESTART */

 	*cookie = 0;
 	/*
 	 * Go down the chain, looking for enlightment
-	 * #ifndef IPFW_DIVERT_OLDRESTART
 	 * If we've been asked to start at a given rule immediatly, do so.
-	 * #endif
 	 */
-#ifdef IPFW_DIVERT_OLDRESTART
-	for (chain=LIST_FIRST(&ip_fw_chain); chain;
-			chain = LIST_NEXT(chain, chain)) {
-#else
 	chain = LIST_FIRST(&ip_fw_chain);
 	if ( skipto ) {
 		if (skipto >= 65535)
@ -432,7 +418,6 @@ ip_fw_chk(struct ip **pip, int hlen,
 		if (! chain) goto dropit;
 	}
 	for (; chain; chain = LIST_NEXT(chain, chain)) {
-#endif /* IPFW_DIVERT_OLDRESTART */
 		register struct ip_fw *const f = chain->rule;

 		if (oif) {
@ -582,17 +567,6 @@ bogusfrag:
 		}

 got_match:
-#ifdef IPFW_DIVERT_OLDRESTART
-		/* Ignore divert/tee rule if socket port is "ignport" */
-		switch (f->fw_flg & IP_FW_F_COMMAND) {
-		case IP_FW_F_DIVERT:
-		case IP_FW_F_TEE:
-			if (f->fw_divert_port == ignport)
-				continue;       /* ignore this rule */
-			break;
-		}
-
-#endif /* IPFW_DIVERT_OLDRESTART */
 		/* Update statistics */
 		f->fw_pcnt += 1;
 		f->fw_bcnt += ip->ip_len;
@ -609,11 +583,7 @@ got_match:
 		case IP_FW_F_COUNT:
 			continue;
 		case IP_FW_F_DIVERT:
-#ifdef IPFW_DIVERT_OLDRESTART
-			*cookie = f->fw_divert_port;
-#else
 			*cookie = f->fw_number;
-#endif /* IPFW_DIVERT_OLDRESTART */
 			return(f->fw_divert_port);
 		case IP_FW_F_TEE:
 			/*
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@ -31,7 +31,7 @@
 * SUCH DAMAGE.
 *
 *	@(#)ip_input.c	8.2 (Berkeley) 1/4/94
- * $Id: ip_input.c,v 1.89 1998/06/06 21:49:16 julian Exp $
+ * $Id: ip_input.c,v 1.90 1998/06/12 03:48:16 julian Exp $
 *	$ANA: ip_input.c,v 1.5 1996/09/18 14:34:59 wollman Exp $
 */

@ -358,7 +358,8 @@ tooshort:
 		u_short port;

 		port = (*ip_fw_chk_ptr)(&ip, hlen, NULL, &ip_divert_cookie, &m);
-		if (port) {			/* Divert packet */
+		if (port) {
+			/* Divert packet */
 			frag_divert_port = port;
 			goto ours;
 		}