On Sun, Jun 11, 2006 at 08:29:37PM +0200, [EMAIL PROTECTED] wrote: > One thing you should look at is whether or not the flag needs to be kept > when copying the mbuf. I don't know whether it is an issue for this > application, but it might need special handling.
Good catch, it must be copied, but apparently the original ip_fw2.c code we inherited from FreeBSD 4.8 didn't: http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/sys/mbuf.h?rev=1.128&content-type=text/x-cvsweb-markup Since M_SKIP_FIREWALL is set only on pkthdr, and duplication of pkthdr is performed by structure copy of m_pkthdr(which contains fw_flags), the patch should retain the current behavior.
