From owner-freebsd-bugs Tue Oct 29 10: 0:10 2002 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F194037B401 for ; Tue, 29 Oct 2002 10:00:08 -0800 (PST) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6744E43E3B for ; Tue, 29 Oct 2002 10:00:08 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id g9TI08x3097539 for ; Tue, 29 Oct 2002 10:00:08 -0800 (PST) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.6/8.12.6/Submit) id g9TI08Ej097538; Tue, 29 Oct 2002 10:00:08 -0800 (PST) Date: Tue, 29 Oct 2002 10:00:08 -0800 (PST) Message-Id: <200210291800.g9TI08Ej097538@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Luigi Rizzo Subject: Re: kern/44417: ipfw layer2 rules are not checked for ether_output_frame() on bridged interface Reply-To: Luigi Rizzo Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The following reply was made to PR kern/44417; it has been noted by GNATS. From: Luigi Rizzo To: Andriy Gapon Cc: FreeBSD-gnats-submit@FreeBSD.ORG, freebsd-ipfw@FreeBSD.ORG Subject: Re: kern/44417: ipfw layer2 rules are not checked for ether_output_frame() on bridged interface Date: Tue, 29 Oct 2002 09:55:21 -0800 let me think about it, i am not 100% sure that it is the correct fix. Could you summarise the bug and the logic for the fix ? thanks luigi On Mon, Oct 28, 2002 at 11:47:41AM -0500, Andriy Gapon wrote: > > Here's a patch that I think fixes this problem, it works for me. > If anybody else could test this that would be great. > > --- if_ethersubr.c.orig Wed Oct 23 15:27:08 2002 > +++ if_ethersubr.c Wed Oct 23 15:28:06 2002 > @@ -388,9 +388,6 @@ > if (m->m_flags == PACKET_TAG_DUMMYNET) > rule = ((struct dn_pkt *)m)->rule; > > - if (rule) /* packet was already bridged */ > - goto no_bridge; > - > if (BDG_ACTIVE(ifp) ) { > struct ether_header *eh; /* a ptr suffices */ > > --- bridge.c.orig Wed Oct 23 15:28:16 2002 > +++ bridge.c Wed Oct 23 15:29:06 2002 > @@ -857,11 +857,11 @@ > * Additional restrictions may apply e.g. non-IP, short packets, > * and pkts already gone through a pipe. > */ > - if (src != NULL && ( > + if ( > #ifdef PFIL_HOOKS > ((pfh = pfil_hook_get(PFIL_IN, &inetsw[ip_protox[IPPROTO_IP]].pr_pfh)) != NULL && bdg_ipf !=0) || > #endif > - (IPFW_LOADED && bdg_ipfw != 0))) { > + (IPFW_LOADED && bdg_ipfw != 0)) { > > int i; > > > -- > Andriy Gapon > * > "Never try to outstubborn a cat." Lazarus Long, "Time Enough for Love" > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-ipfw" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message