d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Our packet filters use mbuf's rcvif pointer to determine incoming interface.

Browse Source 
Change mbuf's rcvif to enc0 and restore it after pfil processing.

PR:		110959
Sponsored by:	Yandex LLC
This commit is contained in:
ae 2014-10-07 13:31:04 +00:00
parent 2c5c8aef35
commit ea6fd7eaaf
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/net/if_enc.c
View File

@ -230,6 +230,7 @@ ipsec_filter(struct mbuf **mp, int dir, int flags)
{
int error, i;
struct ip *ip;
struct ifnet *rcvif;
KASSERT(encif != NULL, ("%s: encif is null", __func__));
KASSERT(flags & (ENC_IN|ENC_OUT),
@ -268,6 +269,8 @@ ipsec_filter(struct mbuf **mp, int dir, int flags)
}
error = 0;
rcvif = (*mp)->m_pkthdr.rcvif;
(*mp)->m_pkthdr.rcvif = encif;
ip = mtod(*mp, struct ip *);
switch (ip->ip_v) {
#ifdef INET
@ -298,6 +301,7 @@ ipsec_filter(struct mbuf **mp, int dir, int flags)
if (error != 0)
goto bad;
(*mp)->m_pkthdr.rcvif = rcvif;
return (error);
bad: