Date: Wed, 30 Oct 2002 19:07:17 -0500 (EST) From: Andriy Gapon <avg@icyb.net.ua> To: Luigi Rizzo <rizzo@icir.org> Cc: FreeBSD-gnats-submit@FreeBSD.ORG, freebsd-ipfw@FreeBSD.ORG Subject: Re: kern/44417: ipfw layer2 rules are not checked for ether_output_frame() on bridged interface Message-ID: <20021030185817.K30853-100000@edge.foundation.invalid> In-Reply-To: <20021029095521.A12933@carp.icir.org>
next in thread | previous in thread | raw e-mail | index | archive | help
sorry, sent that patch before even trying to compile it.
of course it should be:
391,406d390
< if (rule) /* packet was already bridged */
< goto no_bridge;
<
< if (BDG_ACTIVE(ifp) ) {
< struct ether_header *eh; /* a ptr suffices */
<
< m->m_pkthdr.rcvif = NULL;
< eh = mtod(m, struct ether_header *);
< m_adj(m, ETHER_HDR_LEN);
< m = bdg_forward_ptr(m, eh, ifp);
< if (m != NULL)
< m_freem(m);
< return (0);
< }
<
< no_bridge:
432a417,429
> }
>
> if (BDG_ACTIVE(ifp) ) {
> struct ether_header *eh; /* a ptr suffices */
>
> splx(s); /* XXX */
> m->m_pkthdr.rcvif = NULL;
> eh = mtod(m, struct ether_header *);
> m_adj(m, ETHER_HDR_LEN);
> m = bdg_forward_ptr(m, eh, ifp);
> if (m != NULL)
> m_freem(m);
> return (0);
damn C++ :-)
Btw, could you please educate me a little bit about this splXXX() stuff ?
I've tried to understand it from man page, but failed...
What purpose does it serve here ? Is this like some kind of locking ?
Is it ok that there are return statements after ether_ipfw_chk() call in
ether_output_frame() without splx(s) ?
Thank you!
--
Andriy Gapon
*
"The worst part of communication is the illusion that it has
actually occurred". M. Jenkins.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021030185817.K30853-100000>