Has anyone made a patch to add ipfw2's verrev functionality in ip_input (or similar
place) ?
I've tried for a few days to write it myself but it keeps panicing on (among other
things) deleting of default route (i suspect that i really ask the route for 0.0.0.0).
I plan to add an ifconfig flag when this basic one works so i can enable/disable this
feature pr interface.
this compiles but bombs on "route delete default", i dont have a monitor on this box
because no monitor is available atm, so i cant really see what happens.
compilation flags are: -O -pipe -funroll-loops -ffast-math
os version: FreeBSD devil.wan.no 4.9-RELEASE-p1 FreeBSD 4.9-RELEASE-p1 (...) i386
can anyone spot the bug?
static int ip_verrevinterface = 0;
SYSCTL_INT(_net_inet_ip, OID_AUTO, verrevinterface, CTLFLAG_RW,
&ip_verrevinterface, 0, "Verify packet reverse path");
...
void ip_input (struct mbuf *m)
{
struct route verrev_ro;
...
iphack:
...
right after "if (fr_checkp) {" clause
...
if (ip_verrevinterface && m->m_pkthdr.rcvif != NULL &&
((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0)) {
struct sockaddr_in *verrev_dst;
verrev_dst = (struct sockaddr_in *)&(verrev_ro.ro_dst);
/* Check if we've cached the route from the previous call. */
verrev_ro.ro_rt = NULL;
bzero(verrev_dst, sizeof(*verrev_dst));
verrev_dst->sin_family = AF_INET;
verrev_dst->sin_len = sizeof(*verrev_dst);
verrev_dst->sin_addr = ip->ip_src;
rtalloc_ign(&verrev_ro, RTF_CLONING|RTF_PRCLONING);
if ((verrev_ro.ro_rt == NULL) || (verrev_ro.ro_rt->rt_ifp->if_index !=
m->m_pkthdr.rcvif->if_index)) {
printf("ip_input: verrevpath expected %d but got %d\n",
m->m_pkthdr.rcvif->if_index,
verrev_ro.ro_rt->rt_ifp->if_index );
}
}
...
// sten
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
