Date: Sat, 3 Feb 2007 02:57:46 +0000 (UTC) From: Bruce M Simpson <bms@FreeBSD.org> To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/net if_tap.c Message-ID: <200702030257.l132vkfT089439@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
bms 2007-02-03 02:57:46 UTC
FreeBSD src repository
Modified files:
sys/net if_tap.c
Log:
Drop unicast Ethernet frames not destined for the configured address
of a tap(4) instance, if IFF_PROMISC is not set.
In tap(4), we should emulate the effect IFF_PROMISC would have on
hardware, otherwise we risk introducing layer 2 loops if tap(4) is
used with bridges. This means not even bpf(4) gets to see them.
This patch has been tested in a variety of situations. Multicast and
broadcast frames are correctly allowed through. I have observed this
behaviour causing problems with multiple QEMU instances hosted on
the same FreeBSD machine.
The checks in in ether_demux() [if_ethersubr.c, rev 1.222, line 638]
are insufficient to prevent this bug from occurring, as ifp->if_vlantrunk
will always be NULL for the non-vlan case.
MFC after: 3 weeks
PR: 86429
Submitted by: Pieter de Boer (with changes)
Revision Changes Path
1.68 +18 -0 src/sys/net/if_tap.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200702030257.l132vkfT089439>