Hello everybody,

A kernel panic has been observed in both branches under the following conditions:

o ipfw is configured with a "fwd" rule for outgoing packets that will match some RIP datagrams

o GateD is started with RIP enabled and consequently sends a broadcast UDP datagram that matches the "fwd" rule

The panic happens there (the source file is sys/netinet/ip_output.c; quoted as to rev. 1.99.2.21):

        if (ro_fwd->ro_rt->rt_flags & RTF_HOST)
                isbroadcast =
                    (ro_fwd->ro_rt->rt_flags & RTF_BROADCAST);
        else
                isbroadcast = in_broadcast(dst->sin_addr, ifp);
        RTFREE(ro->ro_rt);
        ^^^^^^^^^^^^^^^^^^^^^^^
        ro->ro_rt = ro_fwd->ro_rt;
        dst = (struct sockaddr_in *)&ro_fwd->ro_dst;

ro->ro_rt is NULL, which causes the panic.

As far as I understand the ip_output() code, ro->ro_rt being NULL at that point is actually all right, so to solve the problem, the code just must be changed as follows:

< RTFREE(ro->ro_rt); -- > if (ro->ro_rt) > RTFREE(ro->ro_rt);

Am I right? Or should ro->ro_rt not be NULL there at all, and the actual bug hides somewhere else?

--
Yar
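
Review bot: the added `if (ro->ro_rt)` guard stops the NULL dereference in RTFREE(), but the change carries no comment saying why a NULL ro->ro_rt is legitimate at this point, so a later reader cannot tell a deliberate check from a masked bug. Suggest a one-line comment above the guard naming the case from the report (a broadcast datagram matching the "fwd" rule). It is also worth confirming that the `ro->ro_rt = ro_fwd->ro_rt;` assignment that follows leaves the caller holding a route reference it will release, since with a NULL ro->ro_rt nothing is freed before the pointer is replaced.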