On Mon, Jul 23, 2001 at 08:01:33PM -0700, Julian Elischer wrote:
> Brooks Davis wrote:
> >
> > I just ran into what appears to be a bug in the ip_checkinterface code.
> > The problem is that is assumes m->m_pkthdr.rcvif is non-NULL.
> > Apparently this is normally true, but I have some netgraph code that
> > processes it's processes in such a way that they lose their interface
> > pointer which means that when I stick them back into the ip_stack get a
> > panic. A quick patch that fixes the problem is included below. Is
> > this fix correct?
>
> another possibility is to assign an incoming interface to the reinjected packet
> :-)
The problem with that is I'd basicaly just have to invent one because
at that point I have no easy way of knowing where the packet came from.
The other place ip_input() looks at the interface, it check that it
exists first so there is some precident.
> (what are you using netgraph for?)
I'm using it to direct traffic from a number of agents through a userland
network simulator. Each agent sits at the end of an IP over IP tunnel
connected to a gif interface. I've written part of an ng_gif module
based on ng_ether to provide access to all packets arriving over the
interface. An ng_gif_demux module allows me to take all the inet
packets off of each interface. An ng_one2many node is used to
consolidate packets from these interfaces and feed them into an ng_split
node which currently feeds them to the userland via an ng_socket node.
On return from the simulator (currently, "nghook -l -n -a split:
mixed"), the split node passes the packet to an ng_ip_input node which
simply accepts packets, shoves them onto the ip input queue and
schedules an ip soft interupt. This is where the current ip_input()
gets into trouble because the mbuf created by ng_socket does not contain
an interface pointer.
In the final version, there will be a small address translator between the
ng_split and ng_socket nodes handling a hack which will allow multiple
agents to exist on the same host and still be forced to talk through
the simulator without significant code modifications.
There's a somewhat inaccurate picture at:
http://people.freebsd.org/~brooks/tnt-netgraph.ps
Assuming our funding for this didn't just totally vanish, I'm hoping to
have a paper to present on this for BSDCon.
-- Brooks
--
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4
PGP signature
