Date: Fri, 8 Apr 2005 12:38:00 +0000 (UTC) From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/netinet ip_fw_pfil.c Message-ID: <200504081238.j38Cc0Yr040290@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
glebius 2005-04-08 12:38:00 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_5_4)
sys/netinet ip_fw_pfil.c
Log:
MFC 1.18:
When a packet has been reinjected into ipfw(4) after dummynet(4) processing
we have a non-NULL args.rule. If the same packet later is subject to "tee"
rule, its original is sent again into ipfw_chk() and it reenters at the same
rule. This leads to infinite loop and frozen router.
Assign args.rule to NULL, any time we are going to send packet back to
ipfw_chk() after a tee rule. This is a temporary workaround, which we
will leave for RELENG_5. In HEAD we are going to make divert(4) save
next rule the same way as dummynet(4) does.
PR: kern/79546
Submitted by: Oleg Bulyzhin
Reviewed by: maxim, andre
Approved by: re (kensmith)
Revision Changes Path
1.1.2.8.2.1 +6 -2 src/sys/netinet/ip_fw_pfil.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504081238.j38Cc0Yr040290>