From: Gleb Smirnoff <glebius@FreeBSD.org>
Date: Wed, 31 Aug 2022 03:15:31 +0000 (-0700)
Subject: ipfw: use PF_DIVERT on modern FreeBSD
X-Git-Tag: suricata-6.0.7~21
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ae9b4144be032f666087418b0a6de07af3bb8af6;p=thirdparty%2Fsuricata.git

ipfw: use PF_DIVERT on modern FreeBSD

(cherry picked from commit 5dbbc52b066b2047c4bc30be7fd29dbb3febaf96)
---

diff --git a/src/source-ipfw.c b/src/source-ipfw.c
index 0d39cf9092..5b677c2bdb 100644
--- a/src/source-ipfw.c
+++ b/src/source-ipfw.c
@@ -334,7 +334,11 @@ TmEcode ReceiveIPFWThreadInit(ThreadVars *tv, const void *initdata, void **data)
 
     IPFWMutexInit(nq);
     /* We need a divert socket to play with */
+#ifdef PF_DIVERT
+    if ((nq->fd = socket(PF_DIVERT, SOCK_RAW, 0)) == -1) {
+#else
     if ((nq->fd = socket(PF_INET, SOCK_RAW, IPPROTO_DIVERT)) == -1) {
+#endif
         SCLogError(SC_ERR_IPFW_SOCK,"Can't create divert socket: %s", strerror(errno));
         SCReturnInt(TM_ECODE_FAILED);
     }