Date: Sun, 19 Sep 2004 17:58:48 +0800 From: sam <sam.wun@authtec.net> To: freebsd-pf@freebsd.org Subject: Latest PF patch faield with Beta 4 Current Message-ID: <414D5858.2030709@authtec.net>
next in thread | raw e-mail | index | archive | help
Hi,
PF patch is failed with the following rej file:
***************
*** 544,557 ****
#else
#define BRIDGE_TEST (0) /* cc will optimise the test away */
#endif
/*
* For a bridge, we want to check the address irrespective
* of the receive interface. (This will change slightly
* when we have clusters of interfaces).
*/
LIST_FOREACH(ia, INADDR_HASH(itaddr.s_addr), ia_hash)
- if ((BRIDGE_TEST || (ia->ia_ifp == ifp)) &&
- itaddr.s_addr == ia->ia_addr.sin_addr.s_addr)
goto match;
LIST_FOREACH(ia, INADDR_HASH(isaddr.s_addr), ia_hash)
if ((BRIDGE_TEST || (ia->ia_ifp == ifp)) &&
--- 550,572 ----
#else
#define BRIDGE_TEST (0) /* cc will optimise the test away */
#endif
+
/*
* For a bridge, we want to check the address irrespective
* of the receive interface. (This will change slightly
* when we have clusters of interfaces).
+ * If the interface does not match, but the recieving interface
+ * is part of carp, we call carp_iamatch to see if this is a
+ * request for the virtual host ip.
+ * XXX: This is really ugly!
*/
LIST_FOREACH(ia, INADDR_HASH(itaddr.s_addr), ia_hash)
+ if ((BRIDGE_TEST || (ia->ia_ifp == ifp)
+ #ifdef DEV_CARP
+ || (ifp->if_carp
+ && carp_iamatch(ifp->if_carp, ia, &isaddr, &enaddr))
+ #endif
+ ) && itaddr.s_addr ==
ia->ia_addr.sin_addr.s_addr)
goto match;
LIST_FOREACH(ia, INADDR_HASH(isaddr.s_addr), ia_hash)
if ((BRIDGE_TEST || (ia->ia_ifp == ifp)) &&
***************
*** 566,579 ****
ia = ifatoia(ifa);
goto match;
}
/*
* If bridging, fall back to using any inet address.
*/
if (!BRIDGE_TEST || (ia = TAILQ_FIRST(&in_ifaddrhead)) == NULL)
goto drop;
match:
myaddr = ia->ia_addr.sin_addr;
- if (!bcmp(ar_sha(ah), IF_LLADDR(ifp), ifp->if_addrlen))
goto drop; /* it's from me, ignore it. */
if (!bcmp(ar_sha(ah), ifp->if_broadcastaddr, ifp->if_addrlen)) {
log(LOG_ERR,
--- 581,597 ----
ia = ifatoia(ifa);
goto match;
}
+
/*
* If bridging, fall back to using any inet address.
*/
if (!BRIDGE_TEST || (ia = TAILQ_FIRST(&in_ifaddrhead)) == NULL)
goto drop;
match:
+ if (!enaddr)
+ enaddr = (u_int8_t *)IF_LLADDR(ifp);
myaddr = ia->ia_addr.sin_addr;
+ if (!bcmp(ar_sha(ah), enaddr, ifp->if_addrlen))
goto drop; /* it's from me, ignore it. */
if (!bcmp(ar_sha(ah), ifp->if_broadcastaddr, ifp->if_addrlen)) {
log(LOG_ERR,
sam.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?414D5858.2030709>