From owner-freebsd-net  Wed Jan 24 10: 8:57 2001
Delivered-To: freebsd-net@freebsd.org
Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36])
	by hub.freebsd.org (Postfix) with ESMTP
	id 55EAF37B400; Wed, 24 Jan 2001 10:08:39 -0800 (PST)
Received: (from rizzo@localhost)
	by iguana.aciri.org (8.11.1/8.11.1) id f0OI8cb09586;
	Wed, 24 Jan 2001 10:08:38 -0800 (PST)
	(envelope-from rizzo)
From: Luigi Rizzo <rizzo@aciri.org>
Message-Id: <200101241808.f0OI8cb09586@iguana.aciri.org>
Subject: dubious code in ip_output() ?
To: net@freebsd.org
Date: Wed, 24 Jan 2001 10:08:38 -0800 (PST)
X-Mailer: ELM [version 2.4ME+ PL43 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi,

the change attached at the end was applied to ip_output()
long ago -- it checks for room in the interface queue early
in the delivery process -- but does this before passing the packet
to the firewall.

To me this seems incorrect because the firewall can drop the packet,
divert it to a socket, maybe (not sure) change the output interface,
pass it to a dummynet pipe, etc.

Maybe none of these things were there at the time this code
was committed, but it sounds like we should remove it now.

(btw -- we also need to report up errors from dummynet
and divert whenever this is possible... I will also look
into this.)

Opinions ?

	cheers
	luigi

===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_output.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- src/sys/netinet/ip_output.c 1994/05/25 09:11:33     1.2
+++ src/sys/netinet/ip_output.c 1994/08/01 12:01:45     1.3
@@ -255,6 +255,16 @@ ip_output(m0, opt, ro, flags, imo)
                ip->ip_src = IA_SIN(ia)->sin_addr;
 #endif
        /*
+        * Verify that we have any chance at all of being able to queue
+        *      the packet or packet fragments
+        */
+       if ((ifp->if_snd.ifq_len + ip->ip_len / ifp->if_mtu + 1) >=
+               ifp->if_snd.ifq_maxlen) {
+                       error = ENOBUFS;
+                       goto bad;
+       }
+
+       /*
         * Look for broadcast address and
         * and verify user is allowed to send
         * such a packet.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message