| raw_ip.c (105194) | raw_ip.c (105199) |
|---|---|
| 1/* 2 * Copyright (c) 1982, 1986, 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 17 unchanged lines hidden (view full) --- 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)raw_ip.c 8.7 (Berkeley) 5/15/95 | 1/* 2 * Copyright (c) 1982, 1986, 1988, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright --- 17 unchanged lines hidden (view full) --- 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)raw_ip.c 8.7 (Berkeley) 5/15/95 |
| 34 * $FreeBSD: head/sys/netinet/raw_ip.c 105194 2002-10-16 01:54:46Z sam $ | 34 * $FreeBSD: head/sys/netinet/raw_ip.c 105199 2002-10-16 02:25:05Z sam $ |
| 35 */ 36 37#include "opt_inet6.h" 38#include "opt_ipsec.h" 39#include "opt_mac.h" 40#include "opt_random_ip_id.h" 41 42#include <sys/param.h> --- 23 unchanged lines hidden (view full) --- 66#include <netinet/in_var.h> 67#include <netinet/ip.h> 68#include <netinet/ip_var.h> 69#include <netinet/ip_mroute.h> 70 71#include <netinet/ip_fw.h> 72#include <netinet/ip_dummynet.h> 73 | 35 */ 36 37#include "opt_inet6.h" 38#include "opt_ipsec.h" 39#include "opt_mac.h" 40#include "opt_random_ip_id.h" 41 42#include <sys/param.h> --- 23 unchanged lines hidden (view full) --- 66#include <netinet/in_var.h> 67#include <netinet/ip.h> 68#include <netinet/ip_var.h> 69#include <netinet/ip_mroute.h> 70 71#include <netinet/ip_fw.h> 72#include <netinet/ip_dummynet.h> 73 |
| 74#ifdef FAST_IPSEC 75#include <netipsec/ipsec.h> 76#endif /*FAST_IPSEC*/ 77 |
|
| 74#ifdef IPSEC 75#include <netinet6/ipsec.h> 76#endif /*IPSEC*/ 77 78struct inpcbhead ripcb; 79struct inpcbinfo ripcbinfo; 80 81/* control hooks for ipfw and dummynet */ --- 70 unchanged lines hidden (view full) --- 152#ifdef IPSSEC 153 /* check AH/ESP integrity. */ 154 if (ipsec4_in_reject_so(n, last->inp_socket)) { 155 policyfail = 1; 156 ipsecstat.in_polvio++; 157 /* do not inject data to pcb */ 158 } 159#endif /*IPSEC*/ | 78#ifdef IPSEC 79#include <netinet6/ipsec.h> 80#endif /*IPSEC*/ 81 82struct inpcbhead ripcb; 83struct inpcbinfo ripcbinfo; 84 85/* control hooks for ipfw and dummynet */ --- 70 unchanged lines hidden (view full) --- 156#ifdef IPSSEC 157 /* check AH/ESP integrity. */ 158 if (ipsec4_in_reject_so(n, last->inp_socket)) { 159 policyfail = 1; 160 ipsecstat.in_polvio++; 161 /* do not inject data to pcb */ 162 } 163#endif /*IPSEC*/ |
| 164#ifdef FAST_IPSEC 165 /* check AH/ESP integrity. */ 166 if (ipsec4_in_reject(n, last)) { 167 policyfail = 1; 168 /* do not inject data to pcb */ 169 } 170#endif /*FAST_IPSEC*/ |
|
| 160#ifdef MAC 161 if (policyfail == 0 && 162 mac_check_socket_deliver(last->inp_socket, 163 n) != 0) 164 policyfail = 1; 165#endif 166 } 167 if (policyfail) --- 22 unchanged lines hidden (view full) --- 190 if (ipsec4_in_reject_so(m, last->inp_socket)) { 191 m_freem(m); 192 ipsecstat.in_polvio++; 193 ipstat.ips_delivered--; 194 /* do not inject data to pcb */ 195 return; 196 } 197#endif /*IPSEC*/ | 171#ifdef MAC 172 if (policyfail == 0 && 173 mac_check_socket_deliver(last->inp_socket, 174 n) != 0) 175 policyfail = 1; 176#endif 177 } 178 if (policyfail) --- 22 unchanged lines hidden (view full) --- 201 if (ipsec4_in_reject_so(m, last->inp_socket)) { 202 m_freem(m); 203 ipsecstat.in_polvio++; 204 ipstat.ips_delivered--; 205 /* do not inject data to pcb */ 206 return; 207 } 208#endif /*IPSEC*/ |
| 209#ifdef FAST_IPSEC 210 /* check AH/ESP integrity. */ 211 if (ipsec4_in_reject(m, last)) { 212 m_freem(m); 213 ipstat.ips_delivered--; 214 /* do not inject data to pcb */ 215 return; 216 } 217#endif /*FAST_IPSEC*/ |
|
| 198#ifdef MAC 199 if (mac_check_socket_deliver(last->inp_socket, m) != 0) { 200 m_freem(m); 201 ipstat.ips_delivered--; 202 return; 203 } 204#endif 205 if (last->inp_flags & INP_CONTROLOPTS || --- 520 unchanged lines hidden --- | 218#ifdef MAC 219 if (mac_check_socket_deliver(last->inp_socket, m) != 0) { 220 m_freem(m); 221 ipstat.ips_delivered--; 222 return; 223 } 224#endif 225 if (last->inp_flags & INP_CONTROLOPTS || --- 520 unchanged lines hidden --- |