On Tue, Mar 29, 2016 at 02:37:44PM +1000, David Gwynne wrote:
> because the network stack does it for it on the way in.
>
> the following chunk in src/sys/net/if_ethersubr.c does the same job
> later on:
>
> int
> ether_input(struct ifnet *ifp, struct mbuf *m, void *cookie)
> {
> ...
> /*
> * If packet is unicast, make sure it is for us. Drop otherwise.
> * This check is required in promiscous mode, and for some hypervisors
> * where the MAC filter is 'best effort' only.
> */
> if ((m->m_flags & (M_BCAST|M_MCAST)) == 0) {
> if (memcmp(ac->ac_enaddr, eh->ether_dhost, ETHER_ADDR_LEN)) {
> m_freem(m);
> return (1);
> }
> }
> ...
>
> ok?
Fine with me if you update the comment in ether_input to indicate that
this is also needed for vlan and other virtual devices.
> Index: if_vlan.c
> ===================================================================
> RCS file: /cvs/src/sys/net/if_vlan.c,v
> retrieving revision 1.157
> diff -u -p -r1.157 if_vlan.c
> --- if_vlan.c 29 Mar 2016 04:33:16 -0000 1.157
> +++ if_vlan.c 29 Mar 2016 04:35:28 -0000
> @@ -375,18 +375,6 @@ vlan_input(struct ifnet *ifp0, struct mb
> goto drop;
>
> /*
> - * Drop promiscuously received packets if we are not in
> - * promiscuous mode.
> - */
> - if (!ETHER_IS_MULTICAST(eh->ether_dhost) &&
> - (ifp0->if_flags & IFF_PROMISC) &&
> - (ifv->ifv_if.if_flags & IFF_PROMISC) == 0) {
> - if (bcmp(&ifv->ifv_ac.ac_enaddr, eh->ether_dhost,
> - ETHER_ADDR_LEN))
> - goto drop;
> - }
> -
> - /*
> * Having found a valid vlan interface corresponding to
> * the given source interface and vlan tag, remove the
> * encapsulation.
>
--
:wq Claudio
