From owner-freebsd-stable Mon Mar 5 15:55:30 2001 Delivered-To: freebsd-stable@freebsd.org Received: from phobos.talarian.com (mailhost.talarian.com [207.5.32.17]) by hub.freebsd.org (Postfix) with ESMTP id 59EA837B71B; Mon, 5 Mar 2001 15:55:22 -0800 (PST) (envelope-from nsayer@quack.kfu.com) Received: from quack.kfu.com ([10.4.10.6]) by phobos.talarian.com (8.9.0/8.9.0) with ESMTP id PAA09346; Mon, 5 Mar 2001 15:55:32 -0800 (PST) Message-ID: <3AA42769.6090805@quack.kfu.com> Date: Mon, 05 Mar 2001 15:55:21 -0800 From: Nick Sayer User-Agent: Mozilla/5.0 (X11; U; FreeBSD 4.2-RELEASE i386; en-US; 0.8) Gecko/20010216 X-Accept-Language: en MIME-Version: 1.0 To: Don Lewis Cc: freebsd-stable@FreeBSD.org, freebsd-ports@FreeBSD.org Subject: Re: cvs commit: src/sys/netinet ip_input.c References: <200103052318.f25NImi08134@freefall.freebsd.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Don Lewis wrote: > truckman 2001/03/05 15:18:48 PST > > Modified files: (Branch: RELENG_4) > sys/netinet ip_input.c > Log: > MFC: 1.158 - 1.161 > [...] > > > Attempt to optimize the order of the tests. > > Also, disable unicast IP address vs. arrival interface checking by default > for POLA reasons. [...] > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_input.c.diff?r1=1.130.2.19&r2=1.130.2.20 For what it's worth, this checking will likely break the merlinmon port if enabled, as the packets that the Merlin/Sage devices send have the source address "forged" to be that of the host's IP address. For example, if the host gets an IP address of 192.9.200.4, then merlinmon will send UDP packets from 192.9.200.4 to 10.0.0.1 over the PPP link, and the replies will arrive from 192.9.200.4 to 192.9.200.4 over that same PPP link (the protocol merlinmon uses is a means to query connection status from the modem. The Merlin/Sage will intercept UDP requests to a particular IP/port and reply. Unfortunately, the reply packet addressing does not mirror the source). I've taken Novatel to task over this. This behavior keeps merlinmon from working natively on Linux without going into their IP stack and ripping this same check out. They don't seem to be willing to fix this, unfortunately (nor do they wish to fix their misinterpretation of MRU negotiation, but that's a whole 'nother story). Don't get me wrong - I am all for the change. I'm really only sending this message so that the answer to "why doesn't merlinmon work anymore?" can be found in the mailing list archives. :-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message