From owner-freebsd-bugs Mon Jan 29 8:20:22 2001
Message-Id: <200101280656.f0S6ul800782@hera.drwilco.net>
Date: Sun, 28 Jan 2001 07:56:47 +0100 (CET)
From: drwilco@drwilco.net
Reply-To: drwilco@drwilco.net
To: FreeBSD-gnats-submit@FreeBSD.ORG
X-Send-Pr-Version: 3.2
Subject: kern/24720: Bridging code does not always check activation (w/patch)
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>Number: 24720
>Category: kern
>Synopsis: Bridging code does not always check activation (w/patch)
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Jan 29 08:20:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator: Rogier R. Mulhuijzen
>Release: FreeBSD 4.2-STABLE & FreeBSD 5.0-CURRENT
>Organization:
>Environment:
Running stable on gateway with BRIDGE, but bridging switched off with sysctl
>Description:
When the kernel is compiled with BRIDGE certain checks are skipped, even when the bridging has been disabled with the net.link.ether.bridge sysctl. This has the effect that when 2 interfaces are plugged into the same switch/bridge (but are on a different subnet) ARP requests are answered on both interfaces for the same IP with different MAC addresses.
>How-To-Repeat:
Configure 2 NICs, plug both into the same hub/switch/bridge, start 'tcpdump -i arp' on both interfaces, ping 1 IP from a 2nd host and watch the sparks fly.
>Fix:
In sys/netinet/if_ether.c there are 2 places where an #ifdef BRIDGE assumes the bridging code is actually activated. Patch applies cleanly to both STABLE and CURRENT (both not more than a few days old)

--- sys/netinet/if_ether.c.old Wed Jan 24 01:05:06 2001 +++ sys/netinet/if_ether.c Sun Jan 28 06:46:27 2001 @@ -59,6 +59,10 @@ #include #include #include +#ifdef BRIDGE +#include +#include +#endif #include #include 
@@ -525,14 +529,16 @@ * of the receive interface. (This will change slightly * when we have clusters of interfaces). */ - { + if (!do_bridge) { #else - if (ia->ia_ifp == &ac->ac_if) { + { #endif - maybe_ia = ia; - if ((itaddr.s_addr == ia->ia_addr.sin_addr.s_addr) || - (isaddr.s_addr == ia->ia_addr.sin_addr.s_addr)) - break; + if (ia->ia_ifp == &ac->ac_if) { + maybe_ia = ia; + if ((itaddr.s_addr == ia->ia_addr.sin_addr.s_addr) || + (isaddr.s_addr == ia->ia_addr.sin_addr.s_addr)) + break; + } } if (maybe_ia == 0) { m_freem(m); @@ -561,17 +567,21 @@ } la = arplookup(isaddr.s_addr, itaddr.s_addr == myaddr.s_addr, 0); if (la && (rt = la->la_rt) && (sdl = SDL(rt->rt_gateway))) { -#ifndef BRIDGE /* the following is not an error when doing bridging */ - if (rt->rt_ifp != &ac->ac_if) { - if (log_arp_wrong_iface) - log(LOG_ERR, "arp: %s is on %s%d but got reply from %6D on %s%d\n", - inet_ntoa(isaddr), - rt->rt_ifp->if_name, rt->rt_ifp->if_unit, - ea->arp_sha, ":", - ac->ac_if.if_name, ac->ac_if.if_unit); - goto reply; - } +#ifdef BRIDGE + if (!do_bridge) { /* the following is not an error when doing bridging */ +#else + { #endif + if (rt->rt_ifp != &ac->ac_if) { + if (log_arp_wrong_iface) + log(LOG_ERR, "arp: %s is on %s%d but got reply from %6D on %s%d\n", + inet_ntoa(isaddr), + rt->rt_ifp->if_name, rt->rt_ifp->if_unit, + ea->arp_sha, ":", + ac->ac_if.if_name, ac->ac_if.if_unit); + goto reply; + } + } if (sdl->sdl_alen && bcmp((caddr_t)ea->arp_sha, LLADDR(sdl), sdl->sdl_alen)) { if (rt->rt_expire)
>Release-Note:
>Audit-Trail:
>Unformatted:
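Review bot: In the hunk at @@ -525,14 +529,16 @@, placing the whole body inside `if (!do_bridge) {` means that with bridging active nothing in the block runs, so maybe_ia is never assigned here and the packet falls into the `if (maybe_ia == 0) { m_freem(m);` path that follows. The removed BRIDGE arm assigned maybe_ia without looking at the receive interface, so the bridging case should skip only the interface comparison, not the assignment. A single condition such as `if (do_bridge || ia->ia_ifp == &ac->ac_if) {` in the BRIDGE build would keep the old behaviour when bridging is on and restore the interface check when it is off.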
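Review bot: In the hunk at @@ -561,17 +567,21 @@, the opening brace now comes from either `if (!do_bridge) {` or a bare `{` depending on #ifdef BRIDGE, while the closing `}` is shared, which is fragile under later edits and forces the log and `goto reply` lines to be re-indented. Folding the test into the existing condition for the BRIDGE build, for example `if (!do_bridge && rt->rt_ifp != &ac->ac_if) {`, keeps a single block and a smaller diff. The comment "the following is not an error when doing bridging" would then read better on its own line above that condition than trailing the `if`.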