Date: Tue, 29 Oct 2002 09:55:21 -0800 From: Luigi Rizzo <rizzo@icir.org> To: Andriy Gapon <avg@icyb.net.ua> Cc: FreeBSD-gnats-submit@FreeBSD.ORG, freebsd-ipfw@FreeBSD.ORG Subject: Re: kern/44417: ipfw layer2 rules are not checked for ether_output_frame() on bridged interface Message-ID: <20021029095521.A12933@carp.icir.org> In-Reply-To: <20021028114346.T76307-100000@edge.foundation.invalid>; from avg@icyb.net.ua on Mon, Oct 28, 2002 at 11:47:41AM -0500 References: <200210231810.g9NIA15C037636@freefall.freebsd.org> <20021028114346.T76307-100000@edge.foundation.invalid>
next in thread | previous in thread | raw e-mail | index | archive | help
let me think about it, i am not 100% sure that it is the correct fix.
Could you summarise the bug and the logic for the fix ?
thanks
luigi
On Mon, Oct 28, 2002 at 11:47:41AM -0500, Andriy Gapon wrote:
>
> Here's a patch that I think fixes this problem, it works for me.
> If anybody else could test this that would be great.
>
> --- if_ethersubr.c.orig Wed Oct 23 15:27:08 2002
> +++ if_ethersubr.c Wed Oct 23 15:28:06 2002
> @@ -388,9 +388,6 @@
> if (m->m_flags == PACKET_TAG_DUMMYNET)
> rule = ((struct dn_pkt *)m)->rule;
>
> - if (rule) /* packet was already bridged */
> - goto no_bridge;
> -
> if (BDG_ACTIVE(ifp) ) {
> struct ether_header *eh; /* a ptr suffices */
>
> --- bridge.c.orig Wed Oct 23 15:28:16 2002
> +++ bridge.c Wed Oct 23 15:29:06 2002
> @@ -857,11 +857,11 @@
> * Additional restrictions may apply e.g. non-IP, short packets,
> * and pkts already gone through a pipe.
> */
> - if (src != NULL && (
> + if (
> #ifdef PFIL_HOOKS
> ((pfh = pfil_hook_get(PFIL_IN, &inetsw[ip_protox[IPPROTO_IP]].pr_pfh)) != NULL && bdg_ipf !=0) ||
> #endif
> - (IPFW_LOADED && bdg_ipfw != 0))) {
> + (IPFW_LOADED && bdg_ipfw != 0)) {
>
> int i;
>
>
> --
> Andriy Gapon
> *
> "Never try to outstubborn a cat." Lazarus Long, "Time Enough for Love"
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-ipfw" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021029095521.A12933>