ipfw: remove setting of SO_BROADCAST on the divert(4) socket

My review of the FreeBSD kernel code reveals that this setting
a) is ignored by the kernel b) is not required.  The sending
side of divert(4) never checks so->so_options, but always gives
IP_ALLOWBROADCAST to ip_output().

diff --git a/src/source-ipfw.c b/src/source-ipfw.c
index 1fe8ce0055c07bc451fe3f3f092b7e7bae6eb6a6..58f8c446f4a450ef15df850b908edf5939023d42 100644 (file)
--- a/src/source-ipfw.c
+++ b/src/source-ipfw.c
@@ -322,7 +322,6 @@ TmEcode ReceiveIPFWLoop(ThreadVars *tv, void *data, void *slot)
 TmEcode ReceiveIPFWThreadInit(ThreadVars *tv, const void *initdata, void **data)
 {
     struct timeval timev;
-    int flag;
     IPFWThreadVars *ntv = (IPFWThreadVars *) initdata;
     IPFWQueueVars *nq = IPFWGetQueue(ntv->ipfw_index);
 
@@ -353,15 +352,6 @@ TmEcode ReceiveIPFWThreadInit(ThreadVars *tv, const void *initdata, void **data)
         SCReturnInt(TM_ECODE_FAILED);
     }
 
-    /* set SO_BROADCAST on the divert socket, otherwise sendto()
-     * returns EACCES when reinjecting broadcast packets. */
-    flag = 1;
-
-    if (setsockopt(nq->fd, SOL_SOCKET, SO_BROADCAST, &flag, sizeof(flag)) == -1) {
-        SCLogError(SC_ERR_IPFW_SETSOCKOPT,"Can't set IPFW divert socket broadcast flag: %s", strerror(errno));
-        SCReturnInt(TM_ECODE_FAILED);
-    }
-
     nq->ipfw_sinlen=sizeof(nq->ipfw_sin);
     memset(&nq->ipfw_sin, 0, nq->ipfw_sinlen);
     nq->ipfw_sin.sin_family = PF_INET;