Date: Tue, 20 Jul 2004 11:17:59 +0400 From: Gleb Smirnoff <glebius@freebsd.org> To: James <haesu@towardex.com> Cc: Andre Oppermann <andre@freebsd.org> Subject: Re: IPFW2 versrcreach update Message-ID: <20040720071759.GA54281@cell.sick.ru> In-Reply-To: <20040720021237.GA74977@scylla.towardex.com> References: <20040720021237.GA74977@scylla.towardex.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jul 19, 2004 at 10:12:38PM -0400, James wrote:
J> /* if no ifp provided, check if rtentry is not default route */
J> if (ifp == NULL &&
J> satosin(rt_key(ro.ro_rt))->sin_addr.s_addr == INADDR_ANY) {
J> RTFREE(ro.ro_rt);
J> return 0;
J> }
J>
J> + /* by this point a route is found. check if this is pointed
J> + * to blackhole/reject */
J> + if (ifp == NULL && ro.ro_rt->rt_flags & (RTF_REJECT|RTF_BLACKHOLE) ) {
J> + RTFREE(ro.ro_rt);
J> + return 0;
J> + }
J>
J>
J> Haven't tested this yet, but will do tomorrow after I finish some other stuff
J> I need done before rebooting w/ a test kernel.
J> Anyway the idea is to fail the check if the route has RTF_REJECT or
J> RTF_BLACKHOLE flag, under loose-check (ifp set to NULL) operation, which is
J> an easy straight forward change.
Seems reasonable from my viewpoint.
P.S. GNU zebra null-routes into lo0, always setting RTF_BLACKHOLE flag. What
software uses RTF_REJECT flag?
--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040720071759.GA54281>