Date: Wed, 24 Jan 2001 10:08:38 -0800 (PST) From: Luigi Rizzo <rizzo@aciri.org> To: net@freebsd.org Subject: dubious code in ip_output() ? Message-ID: <200101241808.f0OI8cb09586@iguana.aciri.org>
next in thread | raw e-mail | index | archive | help
Hi,
the change attached at the end was applied to ip_output()
long ago -- it checks for room in the interface queue early
in the delivery process -- but does this before passing the packet
to the firewall.
To me this seems incorrect because the firewall can drop the packet,
divert it to a socket, maybe (not sure) change the output interface,
pass it to a dummynet pipe, etc.
Maybe none of these things were there at the time this code
was committed, but it sounds like we should remove it now.
(btw -- we also need to report up errors from dummynet
and divert whenever this is possible... I will also look
into this.)
Opinions ?
cheers
luigi
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_output.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- src/sys/netinet/ip_output.c 1994/05/25 09:11:33 1.2
+++ src/sys/netinet/ip_output.c 1994/08/01 12:01:45 1.3
@@ -255,6 +255,16 @@ ip_output(m0, opt, ro, flags, imo)
ip->ip_src = IA_SIN(ia)->sin_addr;
#endif
/*
+ * Verify that we have any chance at all of being able to queue
+ * the packet or packet fragments
+ */
+ if ((ifp->if_snd.ifq_len + ip->ip_len / ifp->if_mtu + 1) >=
+ ifp->if_snd.ifq_maxlen) {
+ error = ENOBUFS;
+ goto bad;
+ }
+
+ /*
* Look for broadcast address and
* and verify user is allowed to send
* such a packet.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101241808.f0OI8cb09586>