cvs commit: src/sys/netinet ip_fw_pfil.c
glebius at FreeBSD.org
Wed Apr 6 07:00:34 PDT 2005
glebius 2005-04-06 14:00:33 UTC
FreeBSD src repository
When a packet has been reinjected into ipfw(4) after dummynet(4) processing
we have a non-NULL args.rule. If the same packet later is subject to "tee"
rule, its original is sent again into ipfw_chk() and it reenters at the same
rule. This leads to infinite loop and frozen router.
Assign args.rule to NULL, any time we are going to send packet back to
ipfw_chk() after a tee rule. This is a temporary workaround, which we
will leave for RELENG_5. In HEAD we are going to make divert(4) save
next rule the same way as dummynet(4) does.
Submitted by: Oleg Bulyzhin
Reviewed by: maxim, andre
MFC after: 3 days
Revision Changes Path
1.18 +6 -2 src/sys/netinet/ip_fw_pfil.c
More information about the cvs-src