From owner-svn-src-all@FreeBSD.ORG Thu Jan 16 18:04:44 2014 Return-Path: Delivered-To: svn-src-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id DA1BF478; Thu, 16 Jan 2014 18:04:44 +0000 (UTC) Received: from h2.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id AFBFA16B9; Thu, 16 Jan 2014 18:04:44 +0000 (UTC) Received: from h2.funkthat.com (localhost [127.0.0.1]) by h2.funkthat.com (8.14.3/8.14.3) with ESMTP id s0GI4hSC088725 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 16 Jan 2014 10:04:44 -0800 (PST) (envelope-from jmg@h2.funkthat.com) Received: (from jmg@localhost) by h2.funkthat.com (8.14.3/8.14.3/Submit) id s0GI4hg1088724; Thu, 16 Jan 2014 10:04:43 -0800 (PST) (envelope-from jmg) Date: Thu, 16 Jan 2014 10:04:43 -0800 From: John-Mark Gurney To: "Alexander V. Chernikov" Subject: Re: svn commit: r260702 - head/sys/netinet Message-ID: <20140116180443.GD75135@funkthat.com> References: <201401161150.s0GBo1c1069638@svn.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <201401161150.s0GBo1c1069638@svn.freebsd.org> User-Agent: Mutt/1.4.2.3i X-Operating-System: FreeBSD 7.2-RELEASE i386 X-PGP-Fingerprint: 54BA 873B 6515 3F10 9E88 9322 9CB1 8F74 6D3F A396 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.2 (h2.funkthat.com [127.0.0.1]); Thu, 16 Jan 2014 10:04:44 -0800 (PST) Cc: svn-src-head@FreeBSD.org, svn-src-all@FreeBSD.org, src-committers@FreeBSD.org X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jan 2014 18:04:44 -0000 Alexander V. Chernikov wrote this message on Thu, Jan 16, 2014 at 11:50 +0000: > Author: melifaro > Date: Thu Jan 16 11:50:00 2014 > New Revision: 260702 > URL: http://svnweb.freebsd.org/changeset/base/260702 > > Log: > Fix ipfw fwd for IPv4 traffic broken by r249894. > > Problem case: > Original lookup returns route with GW set, so gw points to > rte->rt_gateway. > After that we're changing dst and performing lookup another time. > Since fwd host is most probably directly reachable, resulting > rte does not contain rt_gateway, so gw is not set. Finally, we > end with packet transmitted to proper interface but wrong > link-layer address. > > Found by: lstewart > Discussed with: ae,lstewart > MFC after: 2 weeks > Sponsored by: Yandex LLC This may be needed for 10.0 as this sounds suspiciously familar to the recent multicast code that was fixed too... It sounds like someone needs to audit this code to verify that there are no other code paths that can break because of this. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."