Date: Tue, 27 Jun 2006 10:50:34 GMT From: Colin Petrie <cpetrie@xcalibre.co.uk> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/99484: enabling net.inet.ip.fastforwarding breaks rfc2644 Message-ID: <200606271050.k5RAoYtK056561@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/99484; it has been noted by GNATS. From: Colin Petrie <cpetrie@xcalibre.co.uk> To: bug-followup@FreeBSD.org, cpetrie@xcalibre.co.uk Cc: Subject: Re: kern/99484: enabling net.inet.ip.fastforwarding breaks rfc2644 Date: Tue, 27 Jun 2006 11:46:17 +0100 Hi, The following patch appears to resolve the problem but I thought a bit of peer review would be nice. Anyone see any problems with this patch? Cheers Colin *** ip_fastfwd.c Tue Jun 27 11:29:01 2006 --- ip_fastfwd.c.new Tue Jun 27 11:30:18 2006 *************** ip_fastforward(struct mbuf *m) *** 162,167 **** --- 162,168 ---- u_short sum, ip_len; int error = 0; int hlen, mtu; + int isbroadcast; #ifdef IPFIREWALL_FORWARD struct m_tag *fwd_tag; #endif *************** ip_fastforward(struct mbuf *m) *** 275,280 **** --- 276,282 ---- goto drop; } + #ifdef ALTQ /* * Is packet dropped by traffic conditioner? *************** passin: *** 421,426 **** --- 423,439 ---- */ if (ro.ro_rt->rt_flags & RTF_BLACKHOLE) goto drop; + + /* + * Is packet a directed network broadcast packet? + */ + isbroadcast = in_broadcast(dst->sin_addr, ifp); + if (isbroadcast) { + printf("ip_fastfwd: dropping directed broadcast - to %s\n", + inet_ntoa(dst->sin_addr)); + ipstat.ips_badaddr++; + goto drop; + } /* * Step 5: outgoing firewall packet processing
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200606271050.k5RAoYtK056561>