diff options
author | glebius <glebius@FreeBSD.org> | 2005-04-06 14:00:33 +0000 |
---|---|---|
committer | glebius <glebius@FreeBSD.org> | 2005-04-06 14:00:33 +0000 |
commit | d14eecdbbc4cc3413049b37a91314fc5eec4aef3 (patch) | |
tree | 764563abf565001aab9549715a5f19acb4f59c5a /sys/netinet | |
parent | ed60415691d3e58f9e06e27a395c6063502dbee2 (diff) | |
download | FreeBSD-src-d14eecdbbc4cc3413049b37a91314fc5eec4aef3.zip FreeBSD-src-d14eecdbbc4cc3413049b37a91314fc5eec4aef3.tar.gz |
When a packet has been reinjected into ipfw(4) after dummynet(4) processing
we have a non-NULL args.rule. If the same packet later is subject to "tee"
rule, its original is sent again into ipfw_chk() and it reenters at the same
rule. This leads to infinite loop and frozen router.
Assign args.rule to NULL, any time we are going to send packet back to
ipfw_chk() after a tee rule. This is a temporary workaround, which we
will leave for RELENG_5. In HEAD we are going to make divert(4) save
next rule the same way as dummynet(4) does.
PR: kern/79546
Submitted by: Oleg Bulyzhin
Reviewed by: maxim, andre
MFC after: 3 days
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/ip_fw_pfil.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/sys/netinet/ip_fw_pfil.c b/sys/netinet/ip_fw_pfil.c index 0103d8c..10a01ea 100644 --- a/sys/netinet/ip_fw_pfil.c +++ b/sys/netinet/ip_fw_pfil.c @@ -168,8 +168,10 @@ again: if (divert) { *m0 = NULL; return 0; /* packet consumed */ - } else + } else { + args.rule = NULL; goto again; /* continue with packet */ + } case IP_FW_NGTEE: if (!NG_IPFW_LOADED) @@ -291,8 +293,10 @@ again: if (divert) { *m0 = NULL; return 0; /* packet consumed */ - } else + } else { + args.rule = NULL; goto again; /* continue with packet */ + } case IP_FW_NGTEE: if (!NG_IPFW_LOADED) |