On Thu, Sep 20, 2012 at 08:16:11PM +0200, Henning Brauer wrote:
> so, resurrecting, slighly updated diff.
>
> I need your help testing. This diff has a kinda high breakage
> potential, since there are quite a few output pathes. On the plus side
> breakage is easy to spot, since that'll result in bad checksums and
> thus these packets getting dropped. Should be all or none per given
> output path.
>
> Just run it. You'll notice when your network connections fail. The
> more obscure your setup, the better, basically. bridge, tunnels, you
> name it.
>
> if you spot breakage, drop me a mail. if you don't, do so as well
> please.
I'm running this on top of the "time_secons -> time_uptime" and
"divert-half" patches. IPv4 works just fine but IPv6 divert is broken,
tcpdump reports "bad udp cksum".
This fixes that (same thing as rev. 1.9 for ip_divert.c by claudio):
Index: netinet6/ip6_divert.c
===================================================================
RCS file: /opt/OpenBSD-CVS/src/sys/netinet6/ip6_divert.c,v
retrieving revision 1.5
diff -u -p -u -r1.5 ip6_divert.c
--- netinet6/ip6_divert.c 3 Jul 2010 04:44:51 -0000 1.5
+++ netinet6/ip6_divert.c 23 Sep 2012 08:22:47 -0000
@@ -175,6 +175,9 @@ divert6_packet(struct mbuf *m, int dir)
break;
}
}
+ /* force checksum calculation */
+ if (dir == PF_OUT)
+ in6_proto_cksum_out(m, NULL);
CIRCLEQ_FOREACH(inp, &divb6table.inpt_queue, inp_queue) {
if (inp->inp_lport != pd->port)
--
I'm not entirely sure you are real.
