blob: 4f292d7de1091ff4cfbb2ce83c46c3d54b7e0c42 [file] [log] [blame] [raw]
*** /sys/netinet/ip_input.c.orig Fri Aug 28 11:33:27 1998
--- /sys/netinet/ip_input.c Fri Aug 28 13:49:37 1998
***************
*** 107,112 ****
--- 107,116 ----
int ipqmaxlen;
struct in_ifaddr *in_ifaddr; /* first inet address */
struct ifqueue ipintrq;
+ #if defined(IPFILTER)
+ extern int fr_check __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **));
+ #endif
/*
* We need to save the IP options in case a protocol wants to respond
***************
*** 406,411 ****
--- 410,429 ----
} else
m_adj(m, ip->ip_len - m->m_pkthdr.len);
}
+
+ #if defined(IPFILTER)
+ /*
+ * Check if we want to allow this packet to be processed.
+ * Consider it to be bad if not.
+ */
+ if (fr_checkp) {
+ struct mbuf *m1 = m;
+
+ if ((*fr_checkp)(ip, hlen, m->m_pkthdr.rcvif, 0, &m1) || !m1)
+ goto next;
+ ip = mtod(m = m1, struct ip *);
+ }
+ #endif
/*
* Process options and, if not destined for us,