/*
- * Copyright (c) 2003-2015 Apple Inc. All rights reserved.
+ * Copyright (c) 2003-2016 Apple Inc. All rights reserved.
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
*
extern int ipsec_bypass;
#endif /* IPSEC */
-#if IPFW2
-#include <netinet6/ip6_fw.h>
-#endif /* IPFW2 */
-
#if DUMMYNET
#include <netinet/ip_fw.h>
#include <netinet/ip_dummynet.h>
#define ICMP6_IFSTAT_REQUIRE_ALIGNED_64(f) \
_CASSERT(!(offsetof(struct icmp6_ifstat, f) % sizeof (uint64_t)))
-#if IPFW2
-/* firewall hooks */
-ip6_fw_chk_t *ip6_fw_chk_ptr;
-ip6_fw_ctl_t *ip6_fw_ctl_ptr;
-int ip6_fw_enable = 1;
-#endif /* IPFW2 */
-
struct ip6stat ip6stat;
decl_lck_mtx_data(, proxy6_lock);
SYSCTL_DECL(_net_inet6_ip6);
-int ip6_doscopedroute = 1;
-SYSCTL_INT(_net_inet6_ip6, OID_AUTO, scopedroute,
- CTLFLAG_RD | CTLFLAG_LOCKED, &ip6_doscopedroute, 0,
- "Enable IPv6 scoped routing");
-
static uint32_t ip6_adj_clear_hwcksum = 0;
SYSCTL_UINT(_net_inet6_ip6, OID_AUTO, adj_clear_hwcksum,
CTLFLAG_RW | CTLFLAG_LOCKED, &ip6_adj_clear_hwcksum, 0,
return;
ip6_initialized = 1;
- PE_parse_boot_argn("net.inet6.ip6.scopedroute", &ip6_doscopedroute,
- sizeof (ip6_doscopedroute));
-
pr = pffindproto_locked(PF_INET6, IPPROTO_RAW, SOCK_RAW);
if (pr == NULL) {
panic("%s: Unable to find [PF_INET6,IPPROTO_RAW,SOCK_RAW]\n",
int nxt = 0, ours = 0;
struct ifnet *inifp, *deliverifp = NULL;
ipfilter_t inject_ipfref = NULL;
- int seen;
+ int seen = 1;
struct in6_ifaddr *ia6 = NULL;
struct sockaddr_in6 *dst6;
#if DUMMYNET
goto bad;
}
#endif
-#if IPFW2
- /*
- * Check with the firewall...
- */
- if (ip6_fw_enable && ip6_fw_chk_ptr) {
- u_short port = 0;
- /* If ipfw says divert, we have to just drop packet */
- /* use port as a dummy argument */
- if ((*ip6_fw_chk_ptr)(&ip6, NULL, &port, &m)) {
- m_freem(m);
- m = NULL;
- }
- if (!m)
- goto done;
- }
-#endif /* IPFW2 */
/*
* Naively assume we can attribute inbound data to the route we would
/*
* Call IP filter
*/
- if (!TAILQ_EMPTY(&ipv6_filters)) {
+ if (!TAILQ_EMPTY(&ipv6_filters) && !IFNET_IS_INTCOPROC(inifp)) {
ipf_ref();
TAILQ_FOREACH(filter, &ipv6_filters, ipf_link) {
if (seen == 0) {
* opthead + hbhlen is located in continuous memory region.
*/
int
-ip6_process_hopopts(m, opthead, hbhlen, rtalertp, plenp)
- struct mbuf *m;
- u_int8_t *opthead;
- int hbhlen;
- u_int32_t *rtalertp;
- u_int32_t *plenp;
+ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen,
+ u_int32_t *rtalertp, u_int32_t *plenp)
{
struct ip6_hdr *ip6;
int optlen = 0;
* we develop `neater' mechanism to process extension headers.
*/
char *
-ip6_get_prevhdr(m, off)
- struct mbuf *m;
- int off;
+ip6_get_prevhdr(struct mbuf *m, int off)
{
struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
default:
return (-1);
}
-
- return (-1);
}
/*
projects / apple / xnu.git / blobdiff