diff options
| author | Søren Schmidt <sos@FreeBSD.org> | 1996-08-21 21:37:07 +0000 |
|---|---|---|
| committer | Søren Schmidt <sos@FreeBSD.org> | 1996-08-21 21:37:07 +0000 |
| commit | fed1c7e9e49e3145f0fdca9bc6ac91be93ab1898 (patch) | |
| tree | 1a5729bda0705ded4c0ab671ff54ccd91014adb1 /sys/netinet/ip_output.c | |
| parent | 1702c53ed2eaa806924ca4c7588fa997f9d4d60e (diff) | |
| download | src-fed1c7e9e49e3145f0fdca9bc6ac91be93ab1898.tar.gz src-fed1c7e9e49e3145f0fdca9bc6ac91be93ab1898.zip | |
Add hooks for an IP NAT module, much like the firewall stuff...
Move the sockopt definitions for the firewall code from
ip_fw.h to in.h where it belongs.
Notes
Notes:
svn path=/head/; revision=17758
Diffstat (limited to 'sys/netinet/ip_output.c')
| -rw-r--r-- | sys/netinet/ip_output.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index bb30a9fc8589..8bdcabcabc22 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 - * $Id: ip_output.c,v 1.40 1996/06/08 08:18:59 bde Exp $ + * $Id: ip_output.c,v 1.41 1996/07/10 19:44:26 julian Exp $ */ #define _IP_VHL @@ -331,6 +331,19 @@ ip_output(m0, opt, ro, flags, imo) } sendit: + /* + * IpHack's section. + * - Xlate: translate packet's addr/port (NAT). + * - Firewall: deny/allow + * - Wrap: fake packet's addr/port <unimpl.> + * - Encapsulate: put it in another IP and send out. <unimp.> + */ + + if (ip_nat_ptr && !(*ip_nat_ptr)(&ip, &m, IP_NAT_OUT)) { + error = EACCES; + goto done; + } + #ifdef COMPAT_IPFW /* * Check with the firewall... |