Date:      Sun, 19 Sep 2004 22:41:28 +0400 (MSD)
From:      Maxim Konovalov <maxim@macomnet.ru>
To:        current@freebsd.org
Cc:        truckman@freebsd.org
Subject:   net.inet.ip.check_interface POLA
Message-ID:  <20040919222735.N50658@mp2.macomnet.net>

Hello,

When net.inet.ip.check_interface was MFCed to RELENG_4 3+ years ago in
rev. 1.130.2.17 ip_input.c it was 1 by default but shortly changed to
0 (accidentally?) in rev. 1.130.2.20 in RELENG_4 only.  Along with the
fact this knob is not documented it breaks POLA especially in bridge
environment.

I suggest to synchronize HEAD and RELENG_5 with RELENG_4 and make an
MFS.  I do not like the idea to change net.inet.ip.check_interface to
1 by default in RELENG_4 for the obvious reasons.

Any objections?

Index: sys/netinet/ip_input.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_input.c,v
retrieving revision 1.289
diff -u -r1.289 ip_input.c
--- sys/netinet/ip_input.c	16 Sep 2004 18:33:39 -0000	1.289
+++ sys/netinet/ip_input.c	19 Sep 2004 18:35:31 -0000
@@ -148,7 +148,7 @@
  * to the loopback interface instead of the interface where the
  * packets for those addresses are received.
  */
-static int	ip_checkinterface = 1;
+static int	ip_checkinterface = 0;
 SYSCTL_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW,
     &ip_checkinterface, 0, "Verify packet arrives on correct interface");
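Review bot: the new default at `static int ip_checkinterface = 0;` turns off the "Verify packet arrives on correct interface" check for every host unless an administrator sets the sysctl, yet the block comment directly above the variable is left unchanged and says nothing about the default or why it is off. Since the message itself notes that the knob is undocumented, I would extend that comment with a sentence stating that the check is disabled by default and giving the reason (the bridge case), and document net.inet.ip.check_interface alongside this change, so that systems relying on the interface check know they must set it to 1 explicitly after the update.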
%%%

-- 
Maxim Konovalov


