Move fw_one_pass from ip_fw2.c to ip_input.c so that neither

bridge.c nor if_ethersubr.c depend on IPFIREWALL.
Restore the use of fw_one_pass in if_ethersubr.c

ipfw.8 will be updated with a separate commit.

Approved by: re
This commit is contained in:
Luigi Rizzo
2002-11-20 19:07:27 +00:00
parent 032dcc7680
commit 97850a5dd9
3 changed files with 2 additions and 2 deletions
+1 -1
View File
@@ -437,7 +437,7 @@ ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst,
int i;
struct ip_fw_args args;
if (*rule != NULL /*&& fw_one_pass*/) /* HACK! need to obey fw_one_pass */
if (*rule != NULL && fw_one_pass)
return 1; /* dummynet packet, already partially processed */
/*
-1
View File
@@ -107,7 +107,6 @@ static struct ip_fw *layer3_chain;
MALLOC_DEFINE(M_IPFW, "IpFw/IpAcct", "IpFw/IpAcct chain's");
static int fw_debug = 1;
int fw_one_pass = 1;
static int autoinc_step = 100; /* bounded to 1..1000 in add_rule() */
#ifdef SYSCTL_NODE
+1
View File
@@ -195,6 +195,7 @@ SYSCTL_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW,
/* Firewall hooks */
ip_fw_chk_t *ip_fw_chk_ptr;
int fw_enable = 1 ;
int fw_one_pass = 1;
/* Dummynet hooks */
ip_dn_io_t *ip_dn_io_ptr;