So sorry its not a propper diff anymore but this is what i've done:
--- sys.bak/kern/uipc_socket.c Wed Mar 5 21:11:31 2008
+++ sys/kern/uipc_socket.c Thu Mar 6 06:50:29 2008
@@ -48,6 +48,8 @@
#include <sys/resourcevar.h>
#include <sys/pool.h>
+#include <net/pfvar.h>
+
void filt_sordetach(struct knote *kn);
int filt_soread(struct knote *kn, long hint);
void filt_sowdetach(struct knote *kn);
@@ -115,6 +117,7 @@ socreate(int dom, struct socket **aso, int type, int p
so->so_rgid = p->p_cred->p_rgid;
so->so_egid = p->p_ucred->cr_gid;
so->so_cpid = p->p_pid;
+ so->so_pftag = 0;
so->so_proto = prp;
error = (*prp->pr_usrreq)(so, PRU_ATTACH, NULL,
(struct mbuf *)(long)proto, NULL);
@@ -1085,6 +1088,17 @@ sosetopt(struct socket *so, int level, int optname, st
}
break;
}
+
+ case SO_PFTAG:
+ {
+ if (m == NULL) {
+ error = EINVAL;
+ printf("Error while setting tag\n");
+ goto bad;
+ }
+ so->so_pftag = pf_tagname2tag(mtod(m, char *));
+ break;
+ }
default:
error = ENOPROTOOPT;
@@ -1173,6 +1187,14 @@ sogetopt(struct socket *so, int level, int optname, st
mtod(m, struct timeval *)->tv_sec = val / hz;
mtod(m, struct timeval *)->tv_usec =
(val % hz) * tick;
+ break;
+ }
+ case SO_PFTAG:
+ {
+ char tagname[PF_TAG_NAME_SIZE];
+ pf_tag2tagname(so->so_pftag, tagname);
+ m->m_len = strlen(tagname) + 1;
+ strlcpy(mtod(m, char *), tagname, MLEN);
break;
}
--- sys.bak/net/pfvar.h Wed Mar 5 21:12:24 2008
+++ sys/net/pfvar.h Wed Mar 5 23:31:03 2008
@@ -41,6 +41,7 @@
#include <net/radix.h>
#include <net/route.h>
+#include <net/if.h>
#include <netinet/ip_ipsp.h>
#include <netinet/tcp_fsm.h>
--- sys.bak/netinet/tcp_output.c Wed Mar 5 21:12:02 2008
+++ sys/netinet/tcp_output.c Wed Mar 5 23:53:37 2008
@@ -98,6 +98,8 @@
#include <netinet6/in6_var.h>
#endif /* INET6 */
+#include <net/pfvar.h>
+
#ifdef notyet
extern struct mbuf *m_copypack();
#endif
@@ -698,6 +700,10 @@ send:
error = ENOBUFS;
goto out;
}
+ if (so->so_pftag != 0)
+ {
+ pf_tag_packet(m, so->so_pftag, -1);
+ }
/*
* m_copypack left space for our hdr; use it.
*/
@@ -716,6 +722,10 @@ send:
error = ENOBUFS;
goto out;
}
+ if (so->so_pftag != 0)
+ {
+ pf_tag_packet(m, so->so_pftag, -1);
+ }
m->m_data += max_linkhdr;
m->m_len = hdrlen;
if (len <= M_TRAILINGSPACE(m)) {
@@ -761,6 +771,11 @@ send:
error = ENOBUFS;
goto out;
}
+ if (so->so_pftag != 0)
+ {
+ pf_tag_packet(m, so->so_pftag, -1);
+ }
+
m->m_data += max_linkhdr;
m->m_len = hdrlen;
}
--- sys.bak/sys/socket.h Wed Mar 5 21:12:13 2008
+++ sys/sys/socket.h Wed Mar 5 21:28:05 2008
@@ -80,6 +80,7 @@
#define SO_ERROR 0x1007 /* get error status and clear */
#define SO_TYPE 0x1008 /* get socket type */
#define SO_NETPROC 0x1020 /* multiplex; network
processing */
+#define SO_PFTAG 0x1030 /* tag packets from this socket
*/
/*
* Structure used for manipulating linger option.
--- sys.bak/sys/socketvar.h Wed Mar 5 21:12:13 2008
+++ sys/sys/socketvar.h Wed Mar 5 23:46:07 2008
@@ -108,6 +108,7 @@ struct socket {
uid_t so_euid, so_ruid; /* who opened the socket */
gid_t so_egid, so_rgid;
pid_t so_cpid; /* pid of process that opened socket */
+ u_int16_t so_pftag; /* tag a packet from this socket */
};
#define SB_EMPTY_FIXUP(sb)
\
