drygdryg/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2024-11-26 20:20:53 +03:00
Code Issues Packages Projects Releases Wiki Activity

do not use PF_DIVERT for openbsd

Browse Source
This commit is contained in:
bol-van 2024-03-08 13:50:19 +03:00
parent eaaa1a326c
commit 70fa1dbea7
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
nfq/darkmagic.c
View File

@ -911,13 +911,15 @@ int rawsend_socket_divert(sa_family_t family)
// we either have to go to the link layer (its hard, possible problems arise, compat testing, ...) or use some HACKING // we either have to go to the link layer (its hard, possible problems arise, compat testing, ...) or use some HACKING
// from my point of view disabling direct ability to send ip frames is not security. its SHIT // from my point of view disabling direct ability to send ip frames is not security. its SHIT
int fd,err; int fd;
#ifdef __FreeBSD__
// freebsd14+ way // freebsd14+ way
// don't want to use ifdefs with os version to make binaries compatible with all versions
fd = socket(PF_DIVERT, SOCK_RAW, 0); fd = socket(PF_DIVERT, SOCK_RAW, 0);
err=errno; if (fd==-1 && (errno==EPROTONOSUPPORT || errno==EAFNOSUPPORT || errno==EPFNOSUPPORT))
if (fd==-1 && (err==EPROTONOSUPPORT || err==EAFNOSUPPORT || err==EPFNOSUPPORT)) #endif
// legacy way // freebsd13- or openbsd way
fd = socket(family, SOCK_RAW, IPPROTO_DIVERT); fd = socket(family, SOCK_RAW, IPPROTO_DIVERT);
if (fd!=-1 && !set_socket_buffers(fd,4096,RAW_SNDBUF)) if (fd!=-1 && !set_socket_buffers(fd,4096,RAW_SNDBUF))
{ {