Module Name: src
Committed By: jmcneill
Date: Mon Nov 27 01:34:06 UTC 2017
Modified Files:
src/sys/net: if_vlan.c
Log Message:
kern/52765: npf cannot do port forwarding on vlan interfaces
Add pfil hooks support to vlan(4), from christos@
To generate a diff of this commit:
cvs rdiff -u -r1.112 -r1.113 src/sys/net/if_vlan.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_vlan.c
diff -u src/sys/net/if_vlan.c:1.112 src/sys/net/if_vlan.c:1.113
--- src/sys/net/if_vlan.c:1.112 Wed Nov 22 05:17:32 2017
+++ src/sys/net/if_vlan.c Mon Nov 27 01:34:06 2017
@@ -1,4 +1,4 @@
-/* $NetBSD: if_vlan.c,v 1.112 2017/11/22 05:17:32 msaitoh Exp $ */
+/* $NetBSD: if_vlan.c,v 1.113 2017/11/27 01:34:06 jmcneill Exp $ */
/*-
* Copyright (c) 2000, 2001 The NetBSD Foundation, Inc.
@@ -78,7 +78,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_vlan.c,v 1.112 2017/11/22 05:17:32 msaitoh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_vlan.c,v 1.113 2017/11/27 01:34:06 jmcneill Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1384,6 +1384,14 @@ vlan_transmit(struct ifnet *ifp, struct
ec = (void *)mib->ifvm_p;
bpf_mtap(ifp, m);
+
+ if (pfil_run_hooks(ifp->if_pfil, &m, ifp, PFIL_OUT) != 0) {
+ if (m != NULL)
+ m_freem(m);
+ error = 0;
+ goto out;
+ }
+
/*
* If the parent can insert the tag itself, just mark
* the tag in the mbuf header.
@@ -1568,6 +1576,12 @@ vlan_input(struct ifnet *ifp, struct mbu
m_set_rcvif(m, &ifv->ifv_if);
ifv->ifv_if.if_ipackets++;
+ if (pfil_run_hooks(ifp->if_pfil, &m, ifp, PFIL_IN) != 0) {
+ if (m != NULL)
+ m_freem(m);
+ goto out;
+ }
+
m->m_flags &= ~M_PROMISC;
if_input(&ifv->ifv_if, m);
out:
