@@ -269,52 +269,20 @@ ret = nfq_get_payload(nfa, &nfdata); /* what return codes here? */ ret = get_packet_info(nfdata, &ip); if (ret == -1) { - pbl_set_verdict(qh, id, NF_ACCEPT); + SET_VERDICT(qh, id, NF_ACCEPT, 0, NULL); return; } ret = packet_check_ip(ip); if (conf.debug >= 2) { printf ("Got packet from %hhu.%hhu.%hhu.%hhu: %d\n", ip.b1, ip.b2, ip.b3, ip.b4, ret); } - pbl_set_verdict(qh, id, ret); -} -/* - * SYNOPSIS: - * static void pbl_set_verdict( - * const struct PBL_HANDLE *h, - * ipq_id_t id, - * unsigned int verdict - * ); - * - * ARGUMENTS: - * struct PBL_HANDLE *h IP Queue handle, must not be NULL - * ipq_id_t id XXX: Id ??? - * unsigned int verdict Verdict to assign this packet in the queue. - * - * RETURN VALUE: - * (none) - * - * NOTES: - * This function calls ipq_set_verdict() to the appropriate "verdict" - * It must be able to handle the condition where "conf.dryrun" is set - * causing all "verdict" values to be treated as NF_ACCEPT regardless - * of their actual value. - * - */ -static void pbl_set_verdict(struct PBL_HANDLE *h, PBL_ID_T id, - unsigned int verdict) { - - if (conf.dryrun == 1) { - SET_VERDICT(h, id, NF_ACCEPT, 0, NULL); - } else { - SET_VERDICT(h, id, verdict, 0, NULL); - } + SET_VERDICT(qh, id, conf.dryrun ? NF_ACCEPT : ret, 0, NULL); } /* * SYNOPSIS: * int main(