svn commit: r200959 - user/luigi/ipfw3-head/sys/netinet/ipfw

[Luigi Rizzo]

Author: luigi
Date: Thu Dec 24 19:06:13 2009
New Revision: 200959
URL: http://svn.freebsd.org/changeset/base/200959

Log:
  better form of endiannes adaptation

Modified:
  user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw2.c

Modified: user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw2.c
==============================================================================
--- user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw2.c	Thu Dec 24 18:50:59 2009	(r200958)
+++ user/luigi/ipfw3-head/sys/netinet/ipfw/ip_fw2.c	Thu Dec 24 19:06:13 2009	(r200959)
@@ -606,11 +606,12 @@ send_reject(struct ip_fw_args *args, int
 #endif
 	if (code != ICMP_REJECT_RST) { /* Send an ICMP unreach */
 		/* We need the IP header in host order for icmp_error(). */
-		if (args->eh != NULL) {
 #ifndef HAVE_NET_IPLEN
+		if (args->eh != NULL)
+#endif /* !HAVE_NET_IPLEN */
+		{
 			ip->ip_len = ntohs(ip->ip_len);
 			ip->ip_off = ntohs(ip->ip_off);
-#endif /* !HAVE_NET_IPLEN */
 		}
 		icmp_error(args->m, ICMP_UNREACH, code, 0L, 0);
 	} else if (args->f_id.proto == IPPROTO_TCP) {
@@ -1097,14 +1098,14 @@ do {								\
 		src_ip = ip->ip_src;
 		dst_ip = ip->ip_dst;
 #ifndef HAVE_NET_IPLEN
-		if (args->eh != NULL) { /* layer 2 packets are as on the wire */
-			offset = ntohs(ip->ip_off) & IP_OFFMASK;
-			ip_len = ntohs(ip->ip_len);
-		} else
-#endif /* !HAVE_NET_IPLEN */
-		{
+		if (args->eh == NULL) { /* on l3 these are in host format */
 			offset = ip->ip_off & IP_OFFMASK;
 			ip_len = ip->ip_len;
+		} else
+#endif /* !HAVE_NET_IPLEN */
+		{	/* otherwise they are in net format */
+			offset = ntohs(ip->ip_off) & IP_OFFMASK;
+			ip_len = ntohs(ip->ip_len);
 		}
 		pktlen = ip_len < pktlen ? ip_len : pktlen;
 
@@ -2166,10 +2167,13 @@ do {								\
 				    ip = mtod(m, struct ip *);
 				    hlen = ip->ip_hl << 2;
 #ifndef HAVE_NET_IPLEN
-				    /* revert len & off for layer2 pkts */
+				    /* revert len. & off to net format if needed */
 				    if (args->eh != NULL)
-					ip->ip_len = htons(ip->ip_len);
 #endif /* !HAVE_NET_IPLEN */
+				    {
+					ip->ip_len = htons(ip->ip_len);
+					ip->ip_off = htons(ip->ip_off);
+				    }
 				    ip->ip_sum = 0;
 				    if (hlen == sizeof(struct ip))
 					ip->ip_sum = in_cksum_hdr(ip);