svn commit: r343631 - in head: . sbin sbin/pfilctl share/man/man9 sys/contrib/ipfilter/netinet sys/net sys/netinet sys/netinet6 sys/netpfil/ipfw sys/netpfil/pf

Andrey V. Elsukov bu7cher at yandex.ru
Mon Dec 23 09:22:37 UTC 2019


On 21.12.2019 01:14, Gleb Smirnoff wrote:
> A> >   Another future feature is possiblity to create pfil heads, that provide
> A> >   not an mbuf pointer but just a memory pointer with length. That would
> A> >   allow filtering at very early stages of a packet lifecycle, e.g. when
> A> >   packet has just been received by a NIC and no mbuf was yet allocated.
> A> It seems that this commit has changed the error code returned from
> A> ip[6]_output() when a packet is blocked. Previously it was EACCES, but
> A> now it became EPERM. Was it intentional?
> 
> I don't think that was intentional. Can you please review this patch?

LGTM, thanks!

-- 
WBR, Andrey V. Elsukov

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/svn-src-head/attachments/20191223/597f8bb3/attachment.sig>


More information about the svn-src-head mailing list