| *** /sys/netinet/ip_output.c.orig Thu Oct 24 22:27:28 1996 |
| --- /sys/netinet/ip_output.c Tue Feb 18 21:38:23 1997 |
| *************** |
| *** 65,70 **** |
| --- 65,74 ---- |
| static struct mbuf *ip_insertoptions __P((struct mbuf *, struct mbuf *, int *)); |
| static void ip_mloopback |
| __P((struct ifnet *, struct mbuf *, struct sockaddr_in *)); |
| + #if defined(IPFILTER_LKM) || defined(IPFILTER) |
| + extern int fr_check __P((struct ip *, int, struct ifnet *, int, struct mbuf **)); |
| + extern int (*fr_checkp) __P((struct ip *, int, struct ifnet *, int, struct mbuf **)); |
| + #endif |
| |
| /* |
| * IP output. The packet in mbuf chain m contains a skeletal IP |
| *************** |
| *** 330,335 **** |
| --- 334,351 ---- |
| m->m_flags &= ~M_BCAST; |
| |
| sendit: |
| + #if defined(IPFILTER) || defined(IPFILTER_LKM) |
| + /* |
| + * looks like most checking has been done now...do a filter check |
| + */ |
| + if (fr_checkp) { |
| + struct mbuf *m1 = m; |
| + |
| + if ((error = (*fr_checkp)(ip, hlen, ifp, 1, &m1)) || !m1) |
| + goto done; |
| + ip = mtod(m = m1, struct ip *); |
| + } |
| + #endif |
| /* |
| * Check with the firewall... |
| */ |