d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Only invoke verify_path() for verrevpath and versrcreach when we have an IP packet.

Browse Source
This commit is contained in:
andre 2004-08-11 11:41:11 +00:00
parent dd8a1c6e2a
commit 957506e985
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
sys/netinet/ip_fw2.c
View File

@ -2200,15 +2200,15 @@ ipfw_chk(struct ip_fw_args *args)
case O_VERREVPATH:
/* Outgoing packets automatically pass/match */
match = ((oif != NULL) ||
match = (hlen > 0 && ((oif != NULL) ||
(m->m_pkthdr.rcvif == NULL) ||
verify_path(src_ip, m->m_pkthdr.rcvif));
verify_path(src_ip, m->m_pkthdr.rcvif)));
break;
case O_VERSRCREACH:
/* Outgoing packets automatically pass/match */
match = ((oif != NULL) ||
verify_path(src_ip, NULL));
match = (hlen > 0 && ((oif != NULL) ||
verify_path(src_ip, NULL)));
break;
case O_ANTISPOOF: