When fast-forwarding is enabled, do not forward directed IPv4 broadcasts

to locally attached broadcast networks. Note well: This relies on the layer 2 route cloning behaviour in BSD. PR: 98799 Tested by: Dmitry Sergienko MFC after: 1 week
author: bms <bms@FreeBSD.org> 2007-02-05 00:15:40 +0000
committer: bms <bms@FreeBSD.org> 2007-02-05 00:15:40 +0000
commit: 7925e63ddf2503578b494beaa7b4e98a843ed6d9 (patch)
tree: 5290fe765412a115e1083b389345c95b870aa8c4
parent: 06da13200299fbcb6cff807cd522cfeb0a4443b5 (diff)
download: FreeBSD-src-7925e63ddf2503578b494beaa7b4e98a843ed6d9.zip
FreeBSD-src-7925e63ddf2503578b494beaa7b4e98a843ed6d9.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/sys/netinet/ip_fastfwd.c b/sys/netinet/ip_fastfwd.c
index e98d630..90b3480 100644
--- a/sys/netinet/ip_fastfwd.c
+++ b/sys/netinet/ip_fastfwd.c
@@ -420,9 +420,11 @@ passin:
 	ifp = ro.ro_rt->rt_ifp;
 
 	/*
-	 * Immediately drop blackholed traffic.
+	 * Immediately drop blackholed traffic, and directed broadcasts
+	 * for either the all-ones or all-zero subnet addresses on
+	 * locally attached networks.
 	 */
-	if (ro.ro_rt->rt_flags & RTF_BLACKHOLE)
+	if ((ro.ro_rt->rt_flags & (RTF_BLACKHOLE|RTF_BROADCAST)) != 0)
 		goto drop;
 
 	/*
author	bms <bms@FreeBSD.org>	2007-02-05 00:15:40 +0000
committer	bms <bms@FreeBSD.org>	2007-02-05 00:15:40 +0000
commit	7925e63ddf2503578b494beaa7b4e98a843ed6d9 (patch)
tree	5290fe765412a115e1083b389345c95b870aa8c4
parent	06da13200299fbcb6cff807cd522cfeb0a4443b5 (diff)
download	FreeBSD-src-7925e63ddf2503578b494beaa7b4e98a843ed6d9.zip FreeBSD-src-7925e63ddf2503578b494beaa7b4e98a843ed6d9.tar.gz