diff options
| author | archie <archie@FreeBSD.org> | 2000-06-02 22:47:53 +0000 |
|---|---|---|
| committer | archie <archie@FreeBSD.org> | 2000-06-02 22:47:53 +0000 |
| commit | 2a59c570d41e2173fba1fbc437dcccdb126acd3d (patch) | |
| tree | 60ed940d4ea8a980e3af7d3fbd7c71d0f50ab4c4 /sys/net | |
| parent | 9f245c92a7b6b00748f079f74b9ef2703435d187 (diff) | |
| download | FreeBSD-src-2a59c570d41e2173fba1fbc437dcccdb126acd3d.zip FreeBSD-src-2a59c570d41e2173fba1fbc437dcccdb126acd3d.tar.gz | |
Don't try to apply ipfw filtering to non-IP packets.
Reported-by: "Lachlan O'Dea" <lodea@vet.com.au>
Diffstat (limited to 'sys/net')
| -rw-r--r-- | sys/net/bridge.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/sys/net/bridge.c b/sys/net/bridge.c index 83b711e..633b65a 100644 --- a/sys/net/bridge.c +++ b/sys/net/bridge.c @@ -656,6 +656,8 @@ bdg_forward(struct mbuf **m0, struct ether_header *const eh, struct ifnet *dst) goto forward ; if (src == NULL) goto forward ; /* do not apply to packets from ether_output */ + if (ntohs(eh->ether_type) != ETHERTYPE_IP) + goto forward ; /* not an IP packet, ipfw is not appropriate */ /* * In this section, canfree=1 means m is the same as *m0. * canfree==0 means m is a copy. We need to make a copy here |
