Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 16 Dec 2015 09:16:06 +0000 (UTC)
From:      "Alexander V. Chernikov" <melifaro@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r292329 - head/sys/netinet
Message-ID:  <201512160916.tBG9G673049306@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: melifaro
Date: Wed Dec 16 09:16:06 2015
New Revision: 292329
URL: https://svnweb.freebsd.org/changeset/base/292329

Log:
  Fix ARP reply handling changed in r286955.
  
  If source of ARP request didn't pass the routing check
  (e.g. not in directly connected network), be polite and
  still answer the request instead of dropping frame.
  
  Reported by:	quadro at irc@rusnet

Modified:
  head/sys/netinet/if_ether.c

Modified: head/sys/netinet/if_ether.c
==============================================================================
--- head/sys/netinet/if_ether.c	Wed Dec 16 09:11:11 2015	(r292328)
+++ head/sys/netinet/if_ether.c	Wed Dec 16 09:16:06 2015	(r292329)
@@ -855,12 +855,20 @@ match:
 		arp_check_update_lle(ah, isaddr, ifp, bridged, la);
 	else if (itaddr.s_addr == myaddr.s_addr) {
 		/*
-		 * Reply to our address, but no lle exists yet.
-		 * do we really have to create an entry?
+		 * Request/reply to our address, but no lle exists yet.
+		 * Try to create new llentry.
 		 */
 		la = lltable_alloc_entry(LLTABLE(ifp), 0, dst);
-		if (la == NULL)
-			goto drop;
+		if (la == NULL) {
+
+			/*
+			 * lle creation may fail if source address belongs
+			 * to non-directly connected subnet. However, we
+			 * will try to answer the request instead of dropping
+			 * frame.
+			 */
+			goto reply;
+		}
 		lltable_set_entry_addr(ifp, la, ar_sha(ah));
 
 		IF_AFDATA_WLOCK(ifp);



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201512160916.tBG9G673049306>