From owner-cvs-all  Mon Mar  5 15:18:52 2001
Delivered-To: cvs-all@freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5516137B71A; Mon,  5 Mar 2001 15:18:49 -0800 (PST)
	(envelope-from truckman@FreeBSD.org)
Received: (from truckman@localhost)
	by freefall.freebsd.org (8.11.1/8.11.1) id f25NImi08134;
	Mon, 5 Mar 2001 15:18:48 -0800 (PST)
	(envelope-from truckman)
Message-Id: <200103052318.f25NImi08134@freefall.freebsd.org>
From: Don Lewis <truckman@FreeBSD.org>
Date: Mon, 5 Mar 2001 15:18:48 -0800 (PST)
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src/sys/netinet ip_input.c
X-FreeBSD-CVS-Branch: RELENG_4
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

truckman    2001/03/05 15:18:48 PST

  Modified files:        (Branch: RELENG_4)
    sys/netinet          ip_input.c 
  Log:
  MFC: 1.158 - 1.161
  
  Block packets with a 127/8 destination arriving via an exernal interface.
  
  Disable IP address vs. arrival interface consistency checking for unicast
  packets when IP forwarding is enabled and for packets forwarded by 'ipfw fwd'.
  
  Always perform broadcast IP address vs. arrival interface checking.  This
  was the historical behavior, but has been broken for quite a while.
  
  Attempt to optimize the order of the tests.
  
  Also, disable unicast IP address vs. arrival interface checking by default
  for POLA reasons.
  
  Approved by:	jkh
  
  Revision    Changes    Path
  1.130.2.20  +59 -12    src/sys/netinet/ip_input.c


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message