When performing IP fast forwarding, immediately drop traffic which is

destined for a blackhole route. This also means that blackhole routes do not need to be bound to lo(4) or disc(4) interfaces for the net.inet.ip.fastforwarding=1 case. Submitted by: james at towardex dot com Sponsored by: eXtensible Open Router Project <URL:http://www.xorp.org/> MFC after: 3 weeks
author: bms <bms@FreeBSD.org> 2004-11-04 02:14:38 +0000
committer: bms <bms@FreeBSD.org> 2004-11-04 02:14:38 +0000
commit: ade2a04c45d71e7464326efaedec49eb1a2a3fb4 (patch)
tree: f41b8b7f4e3b33157e552d3f9cdffdcedc2a1673 /sys/netinet/ip_fastfwd.c
parent: b18ce8f76d492e4225f515bf8624237563ef3516 (diff)
download: FreeBSD-src-ade2a04c45d71e7464326efaedec49eb1a2a3fb4.zip
FreeBSD-src-ade2a04c45d71e7464326efaedec49eb1a2a3fb4.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/sys/netinet/ip_fastfwd.c b/sys/netinet/ip_fastfwd.c
index 09df699..1ad7d45 100644
--- a/sys/netinet/ip_fastfwd.c
+++ b/sys/netinet/ip_fastfwd.c
@@ -433,6 +433,12 @@ passin:
 	ifp = ro.ro_rt->rt_ifp;
 
 	/*
+	 * Immediately drop blackholed traffic.
+	 */
+	if (ro.ro_rt->rt_flags & RTF_BLACKHOLE)
+		goto drop;
+
+	/*
 	 * Step 5: outgoing firewall packet processing
 	 */
author	bms <bms@FreeBSD.org>	2004-11-04 02:14:38 +0000
committer	bms <bms@FreeBSD.org>	2004-11-04 02:14:38 +0000
commit	ade2a04c45d71e7464326efaedec49eb1a2a3fb4 (patch)
tree	f41b8b7f4e3b33157e552d3f9cdffdcedc2a1673 /sys/netinet/ip_fastfwd.c
parent	b18ce8f76d492e4225f515bf8624237563ef3516 (diff)
download	FreeBSD-src-ade2a04c45d71e7464326efaedec49eb1a2a3fb4.zip FreeBSD-src-ade2a04c45d71e7464326efaedec49eb1a2a3fb4.tar.gz