DragonFly BSD
DragonFly bugs List (threaded) for 2005-01
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

IPFW2 layer2 filtering broken - PATCH


From: Gary Allan <dragonfly@xxxxxxxxxxxxxxx>
Date: Sun, 23 Jan 2005 22:25:38 +0000

Hello,

I've been experiencing a problem in that all incoming packets are being dropped when IPFW2 and sysctl net.link.ether.ipfw=1 are enabled. I've traced the problem to /usr/src/sys/net/if_ethersubr.c and think I've solved the problem (8Gb of file copying over wi0 without issues). Could somebody who understands this better than me take a look?

I narrowed the problem to the following section and compared it to the FreeBSD 4-STABLE sources.



diff -ruN if_ethersubr.c if_ethersubr.c.new
--- if_ethersubr.c      2005-01-06 09:14:13.000000000 +0000
+++ if_ethersubr.c.new  2005-01-23 21:52:33.000000000 +0000
@@ -677,10 +677,10 @@
 post_stats:
        if (IPFW_LOADED && ether_ipfw != 0) {
                if (!ether_ipfw_chk(&m, NULL, &rule, eh, FALSE)) {
-                       m_freem(m);
+                       if (m != NULL)
+                               m_freem(m);
                        return;
                }
-               eh = mtod(m, struct ether_header *);
        }

ether_type = ntohs(eh->ether_type);



There is also another section that calls ether_ipfw_chk() where there is a second "eh = mtod(m, struct ether_header *);" (Line 405) not present in the FreeBSD code. Removing it seems to have no effect.

Regards

G.Allan




[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]