Looks good, except the conditionals need to be rearranged a bit to make
them more readable and there is also no need to check for 0. For
example:
if (last && last->inp_ip_minttl && last->inp_ip_minttl > ip->ip_ttl) {
Can just be:
if (last && ip->ip_ttl < last->inp_ip_minttl) {
The code logic in raw_ip.c doesn't look quite right. I think you are
missing an 'else' clause:
} else
#endif /*FAST_IPSEC*/
+ /* Check the minimum TTL for socket. */
+ if (last && last->inp_ip_minttl && last->inp_ip_minttl > ip->ip_ttl) {
+ m_freem(opts);
+ ipstat.ips_delivered--;
+ }
+
^^^^^^ needs an else clause to chain into the unmodified code that
occurs afterwords?
if (last) {
-Matt
