diff options
author | mlaier <mlaier@FreeBSD.org> | 2004-09-14 15:20:24 +0000 |
---|---|---|
committer | mlaier <mlaier@FreeBSD.org> | 2004-09-14 15:20:24 +0000 |
commit | 23fe0c08eef69d33e67572d19254eb14e9bbb9ff (patch) | |
tree | adcaf18ce85672c351084212e8b02c76c8710a8d | |
parent | d7872e5e5f350a3b99d88b5941d7c27087d2a910 (diff) | |
download | FreeBSD-src-23fe0c08eef69d33e67572d19254eb14e9bbb9ff.zip FreeBSD-src-23fe0c08eef69d33e67572d19254eb14e9bbb9ff.tar.gz |
Reactivate skipping over bogus IPCP addresses on ppp interfaces. Be more
careful with the skip condition this time. Addresses are only not taken into
account if:
- The interface is POINTTOPOINT
- There is no route installed for the address
- The user specified noalias (:0)
and - We are looking at an IPv4 address.
This should be enough paranoia to not cause any false positives.
PR: misc/69954
Discussed with: yongari
MFC after: 4 days
-rw-r--r-- | sys/contrib/pf/net/pf_if.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/sys/contrib/pf/net/pf_if.c b/sys/contrib/pf/net/pf_if.c index 7f8ddb98..56388c9 100644 --- a/sys/contrib/pf/net/pf_if.c +++ b/sys/contrib/pf/net/pf_if.c @@ -638,8 +638,16 @@ pfi_instance_add(struct ifnet *ifp, int net, int flags) af = ia->ifa_addr->sa_family; if (af != AF_INET && af != AF_INET6) continue; -#ifdef notyet - if (!(ia->ifa_flags & IFA_ROUTE)) +#ifdef __FreeBSD__ + /* + * XXX: For point-to-point interfaces, (ifname:0) and IPv4, + * jump over addresses without a proper route to work + * around a problem with ppp not fully removing the + * address used during IPCP. + */ + if ((ifp->if_flags & IFF_POINTOPOINT) && + !(ia->ifa_flags & IFA_ROUTE) && + (flags & PFI_AFLAG_NOALIAS) && (af == AF_INET)) continue; #endif if ((flags & PFI_AFLAG_BROADCAST) && af == AF_INET6) |