On Tue, 03 Jan 2006, at 14:58, ?ukasz Bromirski wrote: > Yann Berthier wrote: > > > If this yet to be found wiser guy would not forget the loose check > > too (verrevpath in ipfw speaking), where packets matching the default > > route are ok ... :) > > Actually it does that and will until we'll have option to have two > or more default routes. > > Presently, if packets comes via interface and reply for it should be > sent on the same interface (because default route points to it and > there are no other routes pointing for the same destination to > another interface) it will work. > > Check fails if there's either interface mismatch, or source is present > in routing table but marked as RTF_REJECT/BLACKHOLE one.
My bad, i didn't looked at your patch, I was misleaded by the verrevpath / versrcreach description. > OpenBSD imported KAME mroute extension that enables them to have > more than one route for given destination simultaneously in routing > table. I'm looking into it now, as it's very attractive thing, > however as Andre is doing rework of network code I'm sure we'll have > it sooner or later and then maybe someone will revise old checks > already marked as 'XXX' in the code ;) Amen - yann _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"