From owner-svn-src-all@FreeBSD.ORG Fri Jan 17 19:57:51 2014 Return-Path: Delivered-To: svn-src-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4193CA06; Fri, 17 Jan 2014 19:57:51 +0000 (UTC) Received: from mail.ipfw.ru (mail.ipfw.ru [IPv6:2a01:4f8:120:6141::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id F1E6714FC; Fri, 17 Jan 2014 19:57:50 +0000 (UTC) Received: from secured.by.ipfw.ru ([95.143.220.47] helo=ws.su29.net) by mail.ipfw.ru with esmtpsa (TLSv1:CAMELLIA256-SHA:256) (Exim 4.76 (FreeBSD)) (envelope-from ) id 1W4BiF-000LYE-Sa; Fri, 17 Jan 2014 19:52:03 +0400 Message-ID: <52D98B15.3030409@FreeBSD.org> Date: Fri, 17 Jan 2014 23:57:09 +0400 From: "Alexander V. Chernikov" User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130728 Thunderbird/17.0.7 MIME-Version: 1.0 To: John-Mark Gurney Subject: Re: svn commit: r260702 - head/sys/netinet References: <201401161150.s0GBo1c1069638@svn.freebsd.org> <20140116180443.GD75135@funkthat.com> In-Reply-To: <20140116180443.GD75135@funkthat.com> X-Enigmail-Version: 1.5.1 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="----enig2BCQLUDFFUCDBJQMJOSUN" Cc: svn-src-head@FreeBSD.org, svn-src-all@FreeBSD.org, src-committers@FreeBSD.org X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Jan 2014 19:57:51 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) ------enig2BCQLUDFFUCDBJQMJOSUN Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 16.01.2014 22:04, John-Mark Gurney wrote: > Alexander V. Chernikov wrote this message on Thu, Jan 16, 2014 at 11:50= +0000: >> Author: melifaro >> Date: Thu Jan 16 11:50:00 2014 >> New Revision: 260702 >> URL: http://svnweb.freebsd.org/changeset/base/260702 >> >> Log: >> Fix ipfw fwd for IPv4 traffic broken by r249894. >> =20 >> Problem case: >> Original lookup returns route with GW set, so gw points to >> rte->rt_gateway. >> After that we're changing dst and performing lookup another time. >> Since fwd host is most probably directly reachable, resulting >> rte does not contain rt_gateway, so gw is not set. Finally, we >> end with packet transmitted to proper interface but wrong >> link-layer address. >> =20 >> Found by: lstewart >> Discussed with: ae,lstewart >> MFC after: 2 weeks >> Sponsored by: Yandex LLC >=20 > This may be needed for 10.0 as this sounds suspiciously familar to > the recent multicast code that was fixed too... I'll be happy if this can happen, but that's too late :( >=20 > It sounds like someone needs to audit this code to verify that there > are no other code paths that can break because of this. glebius@ did some kind of, but that didn't bring us forward :) >=20 ------enig2BCQLUDFFUCDBJQMJOSUN Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (FreeBSD) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlLZixoACgkQwcJ4iSZ1q2nauACfZnNQ5AyF7WKnLTmYmDD2STKC TvMAn33BhM1fSDqUp3qYv19bJ6JsPSw9 =v4IC -----END PGP SIGNATURE----- ------enig2BCQLUDFFUCDBJQMJOSUN--