pf_route and pf_route6 are called to take over delivery of the
packet with route-to and reply-to instead of letting it get processed
normally. for the dup-to handling, it copies the mbuf but leaves
the original mbuf in place. pf_route takes over the packet by
clearing the mbuf pointer in the pf_pdesc struct. this diff moves
the clearing of that pointer to the start of the function, rather
than checking for dup-to again on the way out of the function.
i think this is better because it means that it's more robust in
the face of future code changes. even if that's not true, it's still
shorter code in a forwarding path.
ok sashan@ jmatthew@
-/* $OpenBSD: pf.c,v 1.1102 2021/01/27 03:02:06 dlg Exp $ */
+/* $OpenBSD: pf.c,v 1.1103 2021/01/27 04:46:21 dlg Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
if ((r->rt == PF_REPLYTO) == (r->direction == pd->dir))
return;
m0 = pd->m;
+ pd->m = NULL;
}
if (m0->m_len < sizeof(struct ip)) {
ipstat_inc(ips_fragmented);
done:
- if (r->rt != PF_DUPTO)
- pd->m = NULL;
rtfree(rt);
return;
if ((r->rt == PF_REPLYTO) == (r->direction == pd->dir))
return;
m0 = pd->m;
+ pd->m = NULL;
}
if (m0->m_len < sizeof(struct ip6_hdr)) {
}
done:
- if (r->rt != PF_DUPTO)
- pd->m = NULL;
rtfree(rt);
return;
projects / openbsd / commitdiff