svn commit: r231715 - in projects/multi-fibv6/9: contrib/netcat
contrib/pf/pfctl etc/rc.d share/man/man4 sys/contrib/pf/net
sys/fs/nfsclient sys/kern sys/net sys/netinet
sys/netinet/ipfw sys/netine...
Bjoern A. Zeeb
bz at FreeBSD.org
Tue Feb 14 22:06:09 UTC 2012
Author: bz
Date: Tue Feb 14 22:06:08 2012
New Revision: 231715
URL: http://svn.freebsd.org/changeset/base/231715
Log:
Initial backport of the multi-FIB IPv6 changes from HEAD.
Sponsored by: Cisco Systems, Inc.
Modified:
projects/multi-fibv6/9/contrib/netcat/netcat.c
projects/multi-fibv6/9/contrib/pf/pfctl/parse.y
projects/multi-fibv6/9/etc/rc.d/routing
projects/multi-fibv6/9/share/man/man4/faith.4
projects/multi-fibv6/9/sys/contrib/pf/net/pf.c
projects/multi-fibv6/9/sys/contrib/pf/net/pf_ioctl.c
projects/multi-fibv6/9/sys/contrib/pf/net/pf_lb.c
projects/multi-fibv6/9/sys/contrib/pf/net/pf_norm.c
projects/multi-fibv6/9/sys/contrib/pf/net/pfvar.h
projects/multi-fibv6/9/sys/fs/nfsclient/nfs_clport.c
projects/multi-fibv6/9/sys/fs/nfsclient/nfs_clvfsops.c
projects/multi-fibv6/9/sys/kern/uipc_socket.c
projects/multi-fibv6/9/sys/net/flowtable.c
projects/multi-fibv6/9/sys/net/if_faith.c
projects/multi-fibv6/9/sys/net/route.c
projects/multi-fibv6/9/sys/net/route.h
projects/multi-fibv6/9/sys/netinet/in.c
projects/multi-fibv6/9/sys/netinet/ipfw/ip_fw2.c
projects/multi-fibv6/9/sys/netinet/sctp_os_bsd.h
projects/multi-fibv6/9/sys/netinet/tcp_subr.c
projects/multi-fibv6/9/sys/netinet6/icmp6.c
projects/multi-fibv6/9/sys/netinet6/in6.c
projects/multi-fibv6/9/sys/netinet6/in6_gif.c
projects/multi-fibv6/9/sys/netinet6/in6_ifattach.c
projects/multi-fibv6/9/sys/netinet6/in6_mcast.c
projects/multi-fibv6/9/sys/netinet6/in6_rmx.c
projects/multi-fibv6/9/sys/netinet6/in6_src.c
projects/multi-fibv6/9/sys/netinet6/in6_var.h
projects/multi-fibv6/9/sys/netinet6/ip6_forward.c
projects/multi-fibv6/9/sys/netinet6/ip6_input.c
projects/multi-fibv6/9/sys/netinet6/ip6_output.c
projects/multi-fibv6/9/sys/netinet6/ip6_var.h
projects/multi-fibv6/9/sys/netinet6/nd6.c
projects/multi-fibv6/9/sys/netinet6/nd6_nbr.c
projects/multi-fibv6/9/sys/netinet6/nd6_rtr.c
projects/multi-fibv6/9/sys/netinet6/raw_ip6.c
projects/multi-fibv6/9/sys/netipsec/ipsec_output.c
projects/multi-fibv6/9/sys/nfs/bootp_subr.c
projects/multi-fibv6/9/sys/nfsclient/nfs_vfsops.c
projects/multi-fibv6/9/usr.bin/netstat/route.c
Modified: projects/multi-fibv6/9/contrib/netcat/netcat.c
==============================================================================
--- projects/multi-fibv6/9/contrib/netcat/netcat.c Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/contrib/netcat/netcat.c Tue Feb 14 22:06:08 2012 (r231715)
@@ -605,8 +605,10 @@ remote_connect(const char *host, const c
#endif
if (rtableid) {
- if (setfib(rtableid) == -1)
- err(1, "setfib");
+ if (setsockopt(s, SOL_SOCKET, SO_SETFIB, &rtableid,
+ sizeof(rtableid)) == -1)
+ err(1, "setsockopt(.., SO_SETFIB, %u, ..)",
+ rtableid);
}
/* Bind to a local port or source address if specified. */
@@ -678,8 +680,11 @@ local_listen(char *host, char *port, str
continue;
if (rtableid) {
- if (setfib(rtableid) == -1)
- err(1, "setfib");
+ ret = setsockopt(s, SOL_SOCKET, SO_SETFIB, &rtableid,
+ sizeof(rtableid));
+ if (ret == -1)
+ err(1, "setsockopt(.., SO_SETFIB, %u, ..)",
+ rtableid);
}
ret = setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &x, sizeof(x));
Modified: projects/multi-fibv6/9/contrib/pf/pfctl/parse.y
==============================================================================
--- projects/multi-fibv6/9/contrib/pf/pfctl/parse.y Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/contrib/pf/pfctl/parse.y Tue Feb 14 22:06:08 2012 (r231715)
@@ -33,6 +33,9 @@ __FBSDID("$FreeBSD$");
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/stat.h>
+#ifdef __FreeBSD__
+#include <sys/sysctl.h>
+#endif
#include <net/if.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
@@ -335,6 +338,7 @@ int expand_skip_interface(struct node_
int check_rulestate(int);
int getservice(char *);
int rule_label(struct pf_rule *, char *);
+int rt_tableid_max(void);
void mv_rules(struct pf_ruleset *, struct pf_ruleset *);
void decide_address_family(struct node_host *, sa_family_t *);
@@ -1174,7 +1178,7 @@ scrub_opt : NODF {
scrub_opts.randomid = 1;
}
| RTABLE NUMBER {
- if ($2 < 0 /* || $2 > RT_TABLEID_MAX */) {
+ if ($2 < 0 || $2 > rt_tableid_max()) {
yyerror("invalid rtable id");
YYERROR;
}
@@ -1322,7 +1326,7 @@ antispoof_opt : label {
antispoof_opts.label = $1;
}
| RTABLE NUMBER {
- if ($2 < 0 /* || $2 > RT_TABLEID_MAX */ ) {
+ if ($2 < 0 || $2 > rt_tableid_max()) {
yyerror("invalid rtable id");
YYERROR;
}
@@ -2361,7 +2365,7 @@ filter_opt : USER uids {
filter_opts.prob = 1;
}
| RTABLE NUMBER {
- if ($2 < 0 /* || $2 > RT_TABLEID_MAX */ ) {
+ if ($2 < 0 || $2 > rt_tableid_max()) {
yyerror("invalid rtable id");
YYERROR;
}
@@ -4190,7 +4194,7 @@ tagged : /* empty */ { $$.neg = 0; $$.
rtable : /* empty */ { $$ = -1; }
| RTABLE NUMBER {
- if ($2 < 0 /* || $2 > RT_TABLEID_MAX */ ) {
+ if ($2 < 0 || $2 > rt_tableid_max()) {
yyerror("invalid rtable id");
YYERROR;
}
@@ -6051,3 +6055,23 @@ pfctl_load_anchors(int dev, struct pfctl
return (0);
}
+
+int
+rt_tableid_max(void)
+{
+#ifdef __FreeBSD__
+ int fibs;
+ size_t l = sizeof(fibs);
+
+ if (sysctlbyname("net.fibs", &fibs, &l, NULL, 0) == -1)
+ fibs = 16; /* XXX RT_MAXFIBS, at least limit it some. */
+ /*
+ * As the OpenBSD code only compares > and not >= we need to adjust
+ * here given we only accept values of 0..n and want to avoid #ifdefs
+ * in the grammer.
+ */
+ return (fibs - 1);
+#else
+ return (RT_TABLEID_MAX);
+#endif
+}
Modified: projects/multi-fibv6/9/etc/rc.d/routing
==============================================================================
--- projects/multi-fibv6/9/etc/rc.d/routing Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/etc/rc.d/routing Tue Feb 14 22:06:08 2012 (r231715)
@@ -137,12 +137,22 @@ static_inet()
static_inet6()
{
- local _action i
+ local _action i fibs
_action=$1
+ # get the number of FIBs supported.
+ fibs=`sysctl -n net.fibs`
+ : ${fibs:=1}
+
# disallow "internal" addresses to appear on the wire
- route ${_action} -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
- route ${_action} -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
+ i=0
+ while test ${i} -lt ${fibs}; do
+ setfib -F ${i} route ${_action} \
+ -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
+ setfib -F ${i} route ${_action} \
+ -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
+ i=$((i + 1))
+ done
case ${ipv6_defaultrouter} in
[Nn][Oo] | '')
@@ -214,8 +224,14 @@ static_inet6()
# for the host case, you will allow to omit the identifiers.
# Under this configuration, the packets will go to the default
# interface.
- route ${_action} -inet6 fe80:: -prefixlen 10 ::1 -reject
- route ${_action} -inet6 ff02:: -prefixlen 16 ::1 -reject
+ i=0
+ while test ${i} -lt ${fibs}; do
+ setfib -F ${i} route ${_action} \
+ -inet6 fe80:: -prefixlen 10 ::1 -reject
+ setfib -F ${i} route ${_action} \
+ -inet6 ff02:: -prefixlen 16 ::1 -reject
+ i=$((i + 1))
+ done
case ${ipv6_default_interface} in
'')
Modified: projects/multi-fibv6/9/share/man/man4/faith.4
==============================================================================
--- projects/multi-fibv6/9/share/man/man4/faith.4 Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/share/man/man4/faith.4 Tue Feb 14 22:06:08 2012 (r231715)
@@ -29,7 +29,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd April 10, 1999
+.Dd January 23, 2012
.Dt FAITH 4
.Os
.Sh NAME
@@ -58,7 +58,7 @@ variable in
.Xr rc.conf 5 .
.Pp
Special action will be taken when IPv6 TCP traffic is seen on a router,
-and the routing table suggests to route it to the
+and the default routing table suggests to route it to the
.Nm
interface.
In this case, the packet will be accepted by the router,
Modified: projects/multi-fibv6/9/sys/contrib/pf/net/pf.c
==============================================================================
--- projects/multi-fibv6/9/sys/contrib/pf/net/pf.c Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/contrib/pf/net/pf.c Tue Feb 14 22:06:08 2012 (r231715)
@@ -320,7 +320,7 @@ u_int8_t pf_get_wscale(struct mbuf *,
u_int16_t pf_get_mss(struct mbuf *, int, u_int16_t,
sa_family_t);
u_int16_t pf_calc_mss(struct pf_addr *, sa_family_t,
- u_int16_t);
+ int, u_int16_t);
void pf_set_rt_ifp(struct pf_state *,
struct pf_addr *);
int pf_check_proto_cksum(struct mbuf *, int, int,
@@ -3137,7 +3137,7 @@ pf_get_mss(struct mbuf *m, int off, u_in
}
u_int16_t
-pf_calc_mss(struct pf_addr *addr, sa_family_t af, u_int16_t offer)
+pf_calc_mss(struct pf_addr *addr, sa_family_t af, int rtableid, u_int16_t offer)
{
#ifdef INET
struct sockaddr_in *dst;
@@ -3166,11 +3166,7 @@ pf_calc_mss(struct pf_addr *addr, sa_fam
dst->sin_len = sizeof(*dst);
dst->sin_addr = addr->v4;
#ifdef __FreeBSD__
-#ifdef RTF_PRCLONING
- rtalloc_ign(&ro, (RTF_CLONING | RTF_PRCLONING));
-#else /* !RTF_PRCLONING */
- in_rtalloc_ign(&ro, 0, 0);
-#endif
+ in_rtalloc_ign(&ro, 0, rtableid);
#else /* ! __FreeBSD__ */
rtalloc_noclone(&ro, NO_CLONING);
#endif
@@ -3186,12 +3182,7 @@ pf_calc_mss(struct pf_addr *addr, sa_fam
dst6->sin6_len = sizeof(*dst6);
dst6->sin6_addr = addr->v6;
#ifdef __FreeBSD__
-#ifdef RTF_PRCLONING
- rtalloc_ign((struct route *)&ro6,
- (RTF_CLONING | RTF_PRCLONING));
-#else /* !RTF_PRCLONING */
- rtalloc_ign((struct route *)&ro6, 0);
-#endif
+ in6_rtalloc_ign(&ro6, 0, rtableid);
#else /* ! __FreeBSD__ */
rtalloc_noclone((struct route *)&ro6, NO_CLONING);
#endif
@@ -3532,14 +3523,14 @@ pf_test_rule(struct pf_rule **rm, struct
else if (r->proto && r->proto != pd->proto)
r = r->skip[PF_SKIP_PROTO].ptr;
else if (PF_MISMATCHAW(&r->src.addr, saddr, af,
- r->src.neg, kif))
+ r->src.neg, kif, M_GETFIB(m)))
r = r->skip[PF_SKIP_SRC_ADDR].ptr;
/* tcp/udp only. port_op always 0 in other cases */
else if (r->src.port_op && !pf_match_port(r->src.port_op,
r->src.port[0], r->src.port[1], sport))
r = r->skip[PF_SKIP_SRC_PORT].ptr;
else if (PF_MISMATCHAW(&r->dst.addr, daddr, af,
- r->dst.neg, NULL))
+ r->dst.neg, NULL, M_GETFIB(m)))
r = r->skip[PF_SKIP_DST_ADDR].ptr;
/* tcp/udp only. port_op always 0 in other cases */
else if (r->dst.port_op && !pf_match_port(r->dst.port_op,
@@ -3988,9 +3979,10 @@ pf_create_state(struct pf_rule *r, struc
}
s->src.seqhi = htonl(arc4random());
/* Find mss option */
+ int rtid = M_GETFIB(m);
mss = pf_get_mss(m, off, th->th_off, pd->af);
- mss = pf_calc_mss(pd->src, pd->af, mss);
- mss = pf_calc_mss(pd->dst, pd->af, mss);
+ mss = pf_calc_mss(pd->src, pd->af, rtid, mss);
+ mss = pf_calc_mss(pd->dst, pd->af, rtid, mss);
s->src.mss = mss;
#ifdef __FreeBSD__
pf_send_tcp(NULL, r, pd->af, pd->dst, pd->src, th->th_dport,
@@ -4072,10 +4064,10 @@ pf_test_fragment(struct pf_rule **rm, in
else if (r->proto && r->proto != pd->proto)
r = r->skip[PF_SKIP_PROTO].ptr;
else if (PF_MISMATCHAW(&r->src.addr, pd->src, af,
- r->src.neg, kif))
+ r->src.neg, kif, M_GETFIB(m)))
r = r->skip[PF_SKIP_SRC_ADDR].ptr;
else if (PF_MISMATCHAW(&r->dst.addr, pd->dst, af,
- r->dst.neg, NULL))
+ r->dst.neg, NULL, M_GETFIB(m)))
r = r->skip[PF_SKIP_DST_ADDR].ptr;
else if (r->tos && !(r->tos == pd->tos))
r = TAILQ_NEXT(r, entries);
@@ -5677,7 +5669,8 @@ pf_pull_hdr(struct mbuf *m, int off, voi
}
int
-pf_routable(struct pf_addr *addr, sa_family_t af, struct pfi_kif *kif)
+pf_routable(struct pf_addr *addr, sa_family_t af, struct pfi_kif *kif,
+ int rtableid)
{
#ifdef __FreeBSD__
#ifdef RADIX_MPATH
@@ -5751,13 +5744,21 @@ pf_routable(struct pf_addr *addr, sa_fam
goto out;
#ifdef __FreeBSD__
-/* XXX MRT not always INET */ /* stick with table 0 though */
+ switch (af) {
+#ifdef INET6
+ case AF_INET6:
+ in6_rtalloc_ign(&ro, 0, rtableid);
+ break;
+#endif
#ifdef INET
- if (af == AF_INET)
- in_rtalloc_ign((struct route *)&ro, 0, 0);
- else
+ case AF_INET:
+ in_rtalloc_ign((struct route *)&ro, 0, rtableid);
+ break;
#endif
- rtalloc_ign((struct route *)&ro, 0);
+ default:
+ rtalloc_ign((struct route *)&ro, 0); /* No/default FIB. */
+ break;
+ }
#else /* ! __FreeBSD__ */
rtalloc_noclone((struct route *)&ro, NO_CLONING);
#endif
@@ -5803,7 +5804,8 @@ out:
}
int
-pf_rtlabel_match(struct pf_addr *addr, sa_family_t af, struct pf_addr_wrap *aw)
+pf_rtlabel_match(struct pf_addr *addr, sa_family_t af, struct pf_addr_wrap *aw,
+ int rtableid)
{
struct sockaddr_in *dst;
#ifdef INET6
@@ -5835,16 +5837,21 @@ pf_rtlabel_match(struct pf_addr *addr, s
}
#ifdef __FreeBSD__
-# ifdef RTF_PRCLONING
- rtalloc_ign((struct route *)&ro, (RTF_CLONING|RTF_PRCLONING));
-# else /* !RTF_PRCLONING */
+ switch (af) {
+#ifdef INET6
+ case AF_INET6:
+ in6_rtalloc_ign(&ro, 0, rtableid);
+ break;
+#endif
#ifdef INET
- if (af == AF_INET)
- in_rtalloc_ign((struct route *)&ro, 0, 0);
- else
+ case AF_INET:
+ in_rtalloc_ign((struct route *)&ro, 0, rtableid);
+ break;
#endif
+ default:
rtalloc_ign((struct route *)&ro, 0);
-# endif
+ break;
+ }
#else /* ! __FreeBSD__ */
rtalloc_noclone((struct route *)&ro, NO_CLONING);
#endif
@@ -5927,7 +5934,7 @@ pf_route(struct mbuf **m, struct pf_rule
if (r->rt == PF_FASTROUTE) {
#ifdef __FreeBSD__
- in_rtalloc(ro, 0);
+ in_rtalloc_ign(ro, 0, M_GETFIB(m0));
#else
rtalloc(ro);
#endif
@@ -6893,7 +6900,7 @@ done:
("pf: dropping packet with ip options\n"));
}
- if ((s && s->tag) || r->rtableid)
+ if ((s && s->tag) || r->rtableid >= 0)
#ifdef __FreeBSD__
pf_tag_packet(m, s ? s->tag : 0, r->rtableid, pd.pf_mtag);
#else
@@ -7437,7 +7444,7 @@ done:
("pf: dropping packet with dangerous v6 headers\n"));
}
- if ((s && s->tag) || r->rtableid)
+ if ((s && s->tag) || r->rtableid >= 0)
#ifdef __FreeBSD__
pf_tag_packet(m, s ? s->tag : 0, r->rtableid, pd.pf_mtag);
#else
Modified: projects/multi-fibv6/9/sys/contrib/pf/net/pf_ioctl.c
==============================================================================
--- projects/multi-fibv6/9/sys/contrib/pf/net/pf_ioctl.c Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/contrib/pf/net/pf_ioctl.c Tue Feb 14 22:06:08 2012 (r231715)
@@ -1754,7 +1754,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t a
}
#ifdef __FreeBSD__ /* ROUTING */
- if (rule->rtableid > 0 && rule->rtableid > rt_numfibs)
+ if (rule->rtableid > 0 && rule->rtableid >= rt_numfibs)
#else
if (rule->rtableid > 0 && !rtable_exists(rule->rtableid))
#endif
@@ -2035,7 +2035,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t a
if (newrule->rtableid > 0 &&
#ifdef __FreeBSD__ /* ROUTING */
- newrule->rtableid > rt_numfibs)
+ newrule->rtableid >= rt_numfibs)
#else
!rtable_exists(newrule->rtableid))
#endif
Modified: projects/multi-fibv6/9/sys/contrib/pf/net/pf_lb.c
==============================================================================
--- projects/multi-fibv6/9/sys/contrib/pf/net/pf_lb.c Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/contrib/pf/net/pf_lb.c Tue Feb 14 22:06:08 2012 (r231715)
@@ -261,7 +261,7 @@ pf_match_translation(struct pf_pdesc *pd
else if (r->proto && r->proto != pd->proto)
r = r->skip[PF_SKIP_PROTO].ptr;
else if (PF_MISMATCHAW(&src->addr, saddr, pd->af,
- src->neg, kif))
+ src->neg, kif, M_GETFIB(m)))
r = r->skip[src == &r->src ? PF_SKIP_SRC_ADDR :
PF_SKIP_DST_ADDR].ptr;
else if (src->port_op && !pf_match_port(src->port_op,
@@ -269,10 +269,11 @@ pf_match_translation(struct pf_pdesc *pd
r = r->skip[src == &r->src ? PF_SKIP_SRC_PORT :
PF_SKIP_DST_PORT].ptr;
else if (dst != NULL &&
- PF_MISMATCHAW(&dst->addr, daddr, pd->af, dst->neg, NULL))
+ PF_MISMATCHAW(&dst->addr, daddr, pd->af, dst->neg, NULL,
+ M_GETFIB(m)))
r = r->skip[PF_SKIP_DST_ADDR].ptr;
else if (xdst != NULL && PF_MISMATCHAW(xdst, daddr, pd->af,
- 0, NULL))
+ 0, NULL, M_GETFIB(m)))
r = TAILQ_NEXT(r, entries);
else if (dst != NULL && dst->port_op &&
!pf_match_port(dst->port_op, dst->port[0],
Modified: projects/multi-fibv6/9/sys/contrib/pf/net/pf_norm.c
==============================================================================
--- projects/multi-fibv6/9/sys/contrib/pf/net/pf_norm.c Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/contrib/pf/net/pf_norm.c Tue Feb 14 22:06:08 2012 (r231715)
@@ -1163,11 +1163,11 @@ pf_normalize_ip(struct mbuf **m0, int di
r = r->skip[PF_SKIP_PROTO].ptr;
else if (PF_MISMATCHAW(&r->src.addr,
(struct pf_addr *)&h->ip_src.s_addr, AF_INET,
- r->src.neg, kif))
+ r->src.neg, kif, M_GETFIB(m)))
r = r->skip[PF_SKIP_SRC_ADDR].ptr;
else if (PF_MISMATCHAW(&r->dst.addr,
(struct pf_addr *)&h->ip_dst.s_addr, AF_INET,
- r->dst.neg, NULL))
+ r->dst.neg, NULL, M_GETFIB(m)))
r = r->skip[PF_SKIP_DST_ADDR].ptr;
#ifdef __FreeBSD__
else if (r->match_tag && !pf_match_tag(m, r, &tag, pd->pf_mtag))
@@ -1428,11 +1428,11 @@ pf_normalize_ip6(struct mbuf **m0, int d
#endif
else if (PF_MISMATCHAW(&r->src.addr,
(struct pf_addr *)&h->ip6_src, AF_INET6,
- r->src.neg, kif))
+ r->src.neg, kif, M_GETFIB(m)))
r = r->skip[PF_SKIP_SRC_ADDR].ptr;
else if (PF_MISMATCHAW(&r->dst.addr,
(struct pf_addr *)&h->ip6_dst, AF_INET6,
- r->dst.neg, NULL))
+ r->dst.neg, NULL, M_GETFIB(m)))
r = r->skip[PF_SKIP_DST_ADDR].ptr;
else
break;
@@ -1593,13 +1593,13 @@ pf_normalize_tcp(int dir, struct pfi_kif
else if (r->proto && r->proto != pd->proto)
r = r->skip[PF_SKIP_PROTO].ptr;
else if (PF_MISMATCHAW(&r->src.addr, pd->src, af,
- r->src.neg, kif))
+ r->src.neg, kif, M_GETFIB(m)))
r = r->skip[PF_SKIP_SRC_ADDR].ptr;
else if (r->src.port_op && !pf_match_port(r->src.port_op,
r->src.port[0], r->src.port[1], th->th_sport))
r = r->skip[PF_SKIP_SRC_PORT].ptr;
else if (PF_MISMATCHAW(&r->dst.addr, pd->dst, af,
- r->dst.neg, NULL))
+ r->dst.neg, NULL, M_GETFIB(m)))
r = r->skip[PF_SKIP_DST_ADDR].ptr;
else if (r->dst.port_op && !pf_match_port(r->dst.port_op,
r->dst.port[0], r->dst.port[1], th->th_dport))
Modified: projects/multi-fibv6/9/sys/contrib/pf/net/pfvar.h
==============================================================================
--- projects/multi-fibv6/9/sys/contrib/pf/net/pfvar.h Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/contrib/pf/net/pfvar.h Tue Feb 14 22:06:08 2012 (r231715)
@@ -402,14 +402,18 @@ extern struct mtx pf_task_mtx;
#endif /* PF_INET6_ONLY */
#endif /* PF_INET_INET6 */
-#define PF_MISMATCHAW(aw, x, af, neg, ifp) \
+/*
+ * XXX callers not FIB-aware in our version of pf yet.
+ * OpenBSD fixed it later it seems, 2010/05/07 13:33:16 claudio.
+ */
+#define PF_MISMATCHAW(aw, x, af, neg, ifp, rtid) \
( \
(((aw)->type == PF_ADDR_NOROUTE && \
- pf_routable((x), (af), NULL)) || \
+ pf_routable((x), (af), NULL, (rtid))) || \
(((aw)->type == PF_ADDR_URPFFAILED && (ifp) != NULL && \
- pf_routable((x), (af), (ifp))) || \
+ pf_routable((x), (af), (ifp), (rtid))) || \
((aw)->type == PF_ADDR_RTLABEL && \
- !pf_rtlabel_match((x), (af), (aw))) || \
+ !pf_rtlabel_match((x), (af), (aw), (rtid))) || \
((aw)->type == PF_ADDR_TABLE && \
!pfr_match_addr((aw)->p.tbl, (x), (af))) || \
((aw)->type == PF_ADDR_DYNIFTL && \
@@ -1977,8 +1981,10 @@ int pf_normalize_tcp_stateful(struct mbu
u_int32_t
pf_state_expires(const struct pf_state *);
void pf_purge_expired_fragments(void);
-int pf_routable(struct pf_addr *addr, sa_family_t af, struct pfi_kif *);
-int pf_rtlabel_match(struct pf_addr *, sa_family_t, struct pf_addr_wrap *);
+int pf_routable(struct pf_addr *addr, sa_family_t af, struct pfi_kif *,
+ int);
+int pf_rtlabel_match(struct pf_addr *, sa_family_t, struct pf_addr_wrap *,
+ int);
#ifdef __FreeBSD__
int pf_socket_lookup(int, struct pf_pdesc *, struct inpcb *);
#else
Modified: projects/multi-fibv6/9/sys/fs/nfsclient/nfs_clport.c
==============================================================================
--- projects/multi-fibv6/9/sys/fs/nfsclient/nfs_clport.c Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/fs/nfsclient/nfs_clport.c Tue Feb 14 22:06:08 2012 (r231715)
@@ -976,7 +976,8 @@ nfscl_getmyip(struct nfsmount *nmp, int
sad.sin_len = sizeof (struct sockaddr_in);
sad.sin_addr.s_addr = sin->sin_addr.s_addr;
CURVNET_SET(CRED_TO_VNET(nmp->nm_sockreq.nr_cred));
- rt = rtalloc1((struct sockaddr *)&sad, 0, 0UL);
+ rt = rtalloc1_fib((struct sockaddr *)&sad, 0, 0UL,
+ curthread->td_proc->p_fibnum);
if (rt != NULL) {
if (rt->rt_ifp != NULL &&
rt->rt_ifa != NULL &&
@@ -1001,7 +1002,8 @@ nfscl_getmyip(struct nfsmount *nmp, int
sad6.sin6_len = sizeof (struct sockaddr_in6);
sad6.sin6_addr = sin6->sin6_addr;
CURVNET_SET(CRED_TO_VNET(nmp->nm_sockreq.nr_cred));
- rt = rtalloc1((struct sockaddr *)&sad6, 0, 0UL);
+ rt = rtalloc1_fib((struct sockaddr *)&sad6, 0, 0UL,
+ curthread->td_proc->p_fibnum);
if (rt != NULL) {
if (rt->rt_ifp != NULL &&
rt->rt_ifa != NULL &&
Modified: projects/multi-fibv6/9/sys/fs/nfsclient/nfs_clvfsops.c
==============================================================================
--- projects/multi-fibv6/9/sys/fs/nfsclient/nfs_clvfsops.c Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/fs/nfsclient/nfs_clvfsops.c Tue Feb 14 22:06:08 2012 (r231715)
@@ -459,10 +459,10 @@ nfs_mountroot(struct mount *mp)
sin.sin_len = sizeof(sin);
/* XXX MRT use table 0 for this sort of thing */
CURVNET_SET(TD_TO_VNET(td));
- error = rtrequest(RTM_ADD, (struct sockaddr *)&sin,
+ error = rtrequest_fib(RTM_ADD, (struct sockaddr *)&sin,
(struct sockaddr *)&nd->mygateway,
(struct sockaddr *)&mask,
- RTF_UP | RTF_GATEWAY, NULL);
+ RTF_UP | RTF_GATEWAY, NULL, RT_DEFAULT_FIB);
CURVNET_RESTORE();
if (error)
panic("nfs_mountroot: RTM_ADD: %d", error);
Modified: projects/multi-fibv6/9/sys/kern/uipc_socket.c
==============================================================================
--- projects/multi-fibv6/9/sys/kern/uipc_socket.c Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/kern/uipc_socket.c Tue Feb 14 22:06:08 2012 (r231715)
@@ -392,6 +392,7 @@ socreate(int dom, struct socket **aso, i
so->so_type = type;
so->so_cred = crhold(cred);
if ((prp->pr_domain->dom_family == PF_INET) ||
+ (prp->pr_domain->dom_family == PF_INET6) ||
(prp->pr_domain->dom_family == PF_ROUTE))
so->so_fibnum = td->td_proc->p_fibnum;
else
@@ -2498,12 +2499,13 @@ sosetopt(struct socket *so, struct socko
case SO_SETFIB:
error = sooptcopyin(sopt, &optval, sizeof optval,
sizeof optval);
- if (optval < 0 || optval > rt_numfibs) {
+ if (optval < 0 || optval >= rt_numfibs) {
error = EINVAL;
goto bad;
}
if (so->so_proto != NULL &&
((so->so_proto->pr_domain->dom_family == PF_INET) ||
+ (so->so_proto->pr_domain->dom_family == PF_INET6) ||
(so->so_proto->pr_domain->dom_family == PF_ROUTE))) {
so->so_fibnum = optval;
/* Note: ignore error */
Modified: projects/multi-fibv6/9/sys/net/flowtable.c
==============================================================================
--- projects/multi-fibv6/9/sys/net/flowtable.c Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/net/flowtable.c Tue Feb 14 22:06:08 2012 (r231715)
@@ -373,7 +373,7 @@ SYSCTL_VNET_PROC(_net_inet_flowtable, OI
#ifndef RADIX_MPATH
static void
-in_rtalloc_ign_wrapper(struct route *ro, uint32_t hash, u_int fibnum)
+rtalloc_ign_wrapper(struct route *ro, uint32_t hash, u_int fibnum)
{
rtalloc_ign_fib(ro, 0, fibnum);
@@ -1312,7 +1312,7 @@ flowtable_alloc(char *name, int nentry,
#ifdef RADIX_MPATH
ft->ft_rtalloc = rtalloc_mpath_fib;
#else
- ft->ft_rtalloc = in_rtalloc_ign_wrapper;
+ ft->ft_rtalloc = rtalloc_ign_wrapper;
#endif
if (flags & FL_PCPU) {
ft->ft_lock = flowtable_pcpu_lock;
Modified: projects/multi-fibv6/9/sys/net/if_faith.c
==============================================================================
--- projects/multi-fibv6/9/sys/net/if_faith.c Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/net/if_faith.c Tue Feb 14 22:06:08 2012 (r231715)
@@ -338,7 +338,7 @@ faithprefix(in6)
sin6.sin6_family = AF_INET6;
sin6.sin6_len = sizeof(struct sockaddr_in6);
sin6.sin6_addr = *in6;
- rt = rtalloc1((struct sockaddr *)&sin6, 0, 0UL);
+ rt = in6_rtalloc1((struct sockaddr *)&sin6, 0, 0UL, RT_DEFAULT_FIB);
if (rt && rt->rt_ifp && rt->rt_ifp->if_type == IFT_FAITH &&
(rt->rt_ifp->if_flags & IFF_UP) != 0)
ret = 1;
Modified: projects/multi-fibv6/9/sys/net/route.c
==============================================================================
--- projects/multi-fibv6/9/sys/net/route.c Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/net/route.c Tue Feb 14 22:06:08 2012 (r231715)
@@ -35,6 +35,7 @@
***********************************************************************/
#include "opt_inet.h"
+#include "opt_inet6.h"
#include "opt_route.h"
#include "opt_mrouting.h"
#include "opt_mpath.h"
@@ -72,7 +73,11 @@ SYSCTL_UINT(_net, OID_AUTO, fibs, CTLFLA
/*
* Allow the boot code to allow LESS than RT_MAXFIBS to be used.
* We can't do more because storage is statically allocated for now.
- * (for compatibility reasons.. this will change).
+ * (for compatibility reasons.. this will change. When this changes, code should
+ * be refactored to protocol independent parts and protocol dependent parts,
+ * probably hanging of domain(9) specific storage to not need the full
+ * fib * af RNH allocation etc. but allow tuning the number of tables per
+ * address family).
*/
TUNABLE_INT("net.fibs", &rt_numfibs);
@@ -82,6 +87,9 @@ TUNABLE_INT("net.fibs", &rt_numfibs);
* changes for the FIB of the caller when adding a new set of addresses
* to an interface. XXX this is a shotgun aproach to a problem that needs
* a more fine grained solution.. that will come.
+ * XXX also has the problems getting the FIB from curthread which will not
+ * always work given the fib can be overridden and prefixes can be added
+ * from the network stack context.
*/
u_int rt_add_addr_allfibs = 1;
SYSCTL_UINT(_net, OID_AUTO, add_addr_allfibs, CTLFLAG_RW,
@@ -196,27 +204,23 @@ vnet_route_init(const void *unused __unu
V_rtzone = uma_zcreate("rtentry", sizeof(struct rtentry), NULL, NULL,
NULL, NULL, UMA_ALIGN_PTR, 0);
for (dom = domains; dom; dom = dom->dom_next) {
- if (dom->dom_rtattach) {
- for (table = 0; table < rt_numfibs; table++) {
- if ( (fam = dom->dom_family) == AF_INET ||
- table == 0) {
- /* for now only AF_INET has > 1 table */
- /* XXX MRT
- * rtattach will be also called
- * from vfs_export.c but the
- * offset will be 0
- * (only for AF_INET and AF_INET6
- * which don't need it anyhow)
- */
- rnh = rt_tables_get_rnh_ptr(table, fam);
- if (rnh == NULL)
- panic("%s: rnh NULL", __func__);
- dom->dom_rtattach((void **)rnh,
- dom->dom_rtoffset);
- } else {
- break;
- }
- }
+ if (dom->dom_rtattach == NULL)
+ continue;
+
+ for (table = 0; table < rt_numfibs; table++) {
+ fam = dom->dom_family;
+ if (table != 0 && fam != AF_INET6 && fam != AF_INET)
+ break;
+
+ /*
+ * XXX MRT rtattach will be also called from
+ * vfs_export.c but the offset will be 0 (only for
+ * AF_INET and AF_INET6 which don't need it anyhow).
+ */
+ rnh = rt_tables_get_rnh_ptr(table, fam);
+ if (rnh == NULL)
+ panic("%s: rnh NULL", __func__);
+ dom->dom_rtattach((void **)rnh, dom->dom_rtoffset);
}
}
}
@@ -233,20 +237,19 @@ vnet_route_uninit(const void *unused __u
struct radix_node_head **rnh;
for (dom = domains; dom; dom = dom->dom_next) {
- if (dom->dom_rtdetach) {
- for (table = 0; table < rt_numfibs; table++) {
- if ( (fam = dom->dom_family) == AF_INET ||
- table == 0) {
- /* For now only AF_INET has > 1 tbl. */
- rnh = rt_tables_get_rnh_ptr(table, fam);
- if (rnh == NULL)
- panic("%s: rnh NULL", __func__);
- dom->dom_rtdetach((void **)rnh,
- dom->dom_rtoffset);
- } else {
- break;
- }
- }
+ if (dom->dom_rtdetach == NULL)
+ continue;
+
+ for (table = 0; table < rt_numfibs; table++) {
+ fam = dom->dom_family;
+
+ if (table != 0 && fam != AF_INET6 && fam != AF_INET)
+ break;
+
+ rnh = rt_tables_get_rnh_ptr(table, fam);
+ if (rnh == NULL)
+ panic("%s: rnh NULL", __func__);
+ dom->dom_rtdetach((void **)rnh, dom->dom_rtoffset);
}
}
}
@@ -274,7 +277,8 @@ sys_setfib(struct thread *td, struct set
void
rtalloc(struct route *ro)
{
- rtalloc_ign_fib(ro, 0UL, 0);
+
+ rtalloc_ign_fib(ro, 0UL, RT_DEFAULT_FIB);
}
void
@@ -294,7 +298,7 @@ rtalloc_ign(struct route *ro, u_long ign
RTFREE(rt);
ro->ro_rt = NULL;
}
- ro->ro_rt = rtalloc1_fib(&ro->ro_dst, 1, ignore, 0);
+ ro->ro_rt = rtalloc1_fib(&ro->ro_dst, 1, ignore, RT_DEFAULT_FIB);
if (ro->ro_rt)
RT_UNLOCK(ro->ro_rt);
}
@@ -324,7 +328,8 @@ rtalloc_ign_fib(struct route *ro, u_long
struct rtentry *
rtalloc1(struct sockaddr *dst, int report, u_long ignflags)
{
- return (rtalloc1_fib(dst, report, ignflags, 0));
+
+ return (rtalloc1_fib(dst, report, ignflags, RT_DEFAULT_FIB));
}
struct rtentry *
@@ -339,8 +344,15 @@ rtalloc1_fib(struct sockaddr *dst, int r
int needlock;
KASSERT((fibnum < rt_numfibs), ("rtalloc1_fib: bad fibnum"));
- if (dst->sa_family != AF_INET) /* Only INET supports > 1 fib now */
- fibnum = 0;
+ switch (dst->sa_family) {
+ case AF_INET6:
+ case AF_INET:
+ /* We support multiple FIBs. */
+ break;
+ default:
+ fibnum = RT_DEFAULT_FIB;
+ break;
+ }
rnh = rt_tables_get_rnh(fibnum, dst->sa_family);
newrt = NULL;
if (rnh == NULL)
@@ -486,7 +498,8 @@ rtredirect(struct sockaddr *dst,
int flags,
struct sockaddr *src)
{
- rtredirect_fib(dst, gateway, netmask, flags, src, 0);
+
+ rtredirect_fib(dst, gateway, netmask, flags, src, RT_DEFAULT_FIB);
}
void
@@ -617,7 +630,8 @@ out:
int
rtioctl(u_long req, caddr_t data)
{
- return (rtioctl_fib(req, data, 0));
+
+ return (rtioctl_fib(req, data, RT_DEFAULT_FIB));
}
/*
@@ -647,7 +661,8 @@ rtioctl_fib(u_long req, caddr_t data, u_
struct ifaddr *
ifa_ifwithroute(int flags, struct sockaddr *dst, struct sockaddr *gateway)
{
- return (ifa_ifwithroute_fib(flags, dst, gateway, 0));
+
+ return (ifa_ifwithroute_fib(flags, dst, gateway, RT_DEFAULT_FIB));
}
struct ifaddr *
@@ -732,7 +747,9 @@ rtrequest(int req,
int flags,
struct rtentry **ret_nrt)
{
- return (rtrequest_fib(req, dst, gateway, netmask, flags, ret_nrt, 0));
+
+ return (rtrequest_fib(req, dst, gateway, netmask, flags, ret_nrt,
+ RT_DEFAULT_FIB));
}
int
@@ -771,7 +788,8 @@ rtrequest_fib(int req,
int
rt_getifa(struct rt_addrinfo *info)
{
- return (rt_getifa_fib(info, 0));
+
+ return (rt_getifa_fib(info, RT_DEFAULT_FIB));
}
/*
@@ -1029,8 +1047,16 @@ rtrequest1_fib(int req, struct rt_addrin
#define senderr(x) { error = x ; goto bad; }
KASSERT((fibnum < rt_numfibs), ("rtrequest1_fib: bad fibnum"));
- if (dst->sa_family != AF_INET) /* Only INET supports > 1 fib now */
- fibnum = 0;
+ switch (dst->sa_family) {
+ case AF_INET6:
+ case AF_INET:
+ /* We support multiple FIBs. */
+ break;
+ default:
+ fibnum = RT_DEFAULT_FIB;
+ break;
+ }
+
/*
* Find the correct routing tree to use for this Address Family
*/
@@ -1136,8 +1162,7 @@ rtrequest1_fib(int req, struct rt_addrin
rt->rt_flags = RTF_UP | flags;
rt->rt_fibnum = fibnum;
/*
- * Add the gateway. Possibly re-malloc-ing the storage for it
- *
+ * Add the gateway. Possibly re-malloc-ing the storage for it.
*/
RT_LOCK(rt);
if ((error = rt_setgate(rt, dst, gateway)) != 0) {
@@ -1186,12 +1211,15 @@ rtrequest1_fib(int req, struct rt_addrin
#ifdef FLOWTABLE
rt0 = NULL;
- /* XXX
- * "flow-table" only support IPv4 at the moment.
- * XXX-BZ as of r205066 it would support IPv6.
- */
+ /* "flow-table" only supports IPv6 and IPv4 at the moment. */
+ switch (dst->sa_family) {
+#ifdef INET6
+ case AF_INET6:
+#endif
#ifdef INET
- if (dst->sa_family == AF_INET) {
+ case AF_INET:
+#endif
+#if defined(INET6) || defined(INET)
rn = rnh->rnh_matchaddr(dst, rnh);
if (rn && ((rn->rn_flags & RNF_ROOT) == 0)) {
struct sockaddr *mask;
@@ -1230,9 +1258,9 @@ rtrequest1_fib(int req, struct rt_addrin
}
}
}
+#endif/* INET6 || INET */
}
-#endif
-#endif
+#endif /* FLOWTABLE */
/* XXX mtu manipulation will be done in rnh_addaddr -- itojun */
rn = rnh->rnh_addaddr(ndst, netmask, rnh, rt->rt_nodes);
@@ -1254,9 +1282,18 @@ rtrequest1_fib(int req, struct rt_addrin
}
#ifdef FLOWTABLE
else if (rt0 != NULL) {
+ switch (dst->sa_family) {
+#ifdef INET6
+ case AF_INET6:
+ flowtable_route_flush(V_ip6_ft, rt0);
+ break;
+#endif
#ifdef INET
- flowtable_route_flush(V_ip_ft, rt0);
+ case AF_INET:
+ flowtable_route_flush(V_ip_ft, rt0);
+ break;
#endif
+ }
RTFREE(rt0);
}
#endif
@@ -1388,8 +1425,17 @@ rtinit1(struct ifaddr *ifa, int cmd, int
dst = ifa->ifa_addr;
netmask = ifa->ifa_netmask;
}
- if ( dst->sa_family != AF_INET)
- fibnum = 0;
+ if (dst->sa_len == 0)
+ return(EINVAL);
+ switch (dst->sa_family) {
+ case AF_INET6:
+ case AF_INET:
+ /* We support multiple FIBs. */
+ break;
+ default:
+ fibnum = RT_DEFAULT_FIB;
+ break;
+ }
if (fibnum == -1) {
if (rt_add_addr_allfibs == 0 && cmd == (int)RTM_ADD) {
startfib = endfib = curthread->td_proc->p_fibnum;
@@ -1402,8 +1448,6 @@ rtinit1(struct ifaddr *ifa, int cmd, int
startfib = fibnum;
endfib = fibnum;
}
- if (dst->sa_len == 0)
- return(EINVAL);
/*
* If it's a delete, check that if it exists,
@@ -1427,9 +1471,7 @@ rtinit1(struct ifaddr *ifa, int cmd, int
* Now go through all the requested tables (fibs) and do the
* requested action. Realistically, this will either be fib 0
* for protocols that don't do multiple tables or all the
- * tables for those that do. XXX For this version only AF_INET.
- * When that changes code should be refactored to protocol
- * independent parts and protocol dependent parts.
+ * tables for those that do.
*/
for ( fibnum = startfib; fibnum <= endfib; fibnum++) {
if (cmd == RTM_DELETE) {
@@ -1569,12 +1611,14 @@ rtinit1(struct ifaddr *ifa, int cmd, int
return (error);
}
+#ifndef BURN_BRIDGES
/* special one for inet internal use. may not use. */
int
rtinit_fib(struct ifaddr *ifa, int cmd, int flags)
{
return (rtinit1(ifa, cmd, flags, -1));
}
+#endif
/*
* Set up a routing table entry, normally
@@ -1584,7 +1628,7 @@ int
rtinit(struct ifaddr *ifa, int cmd, int flags)
{
struct sockaddr *dst;
- int fib = 0;
+ int fib = RT_DEFAULT_FIB;
if (flags & RTF_HOST) {
dst = ifa->ifa_dstaddr;
@@ -1592,7 +1636,12 @@ rtinit(struct ifaddr *ifa, int cmd, int
dst = ifa->ifa_addr;
}
- if (dst->sa_family == AF_INET)
+ switch (dst->sa_family) {
+ case AF_INET6:
+ case AF_INET:
+ /* We do support multiple FIBs. */
fib = -1;
+ break;
+ }
return (rtinit1(ifa, cmd, flags, fib));
}
Modified: projects/multi-fibv6/9/sys/net/route.h
==============================================================================
--- projects/multi-fibv6/9/sys/net/route.h Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/net/route.h Tue Feb 14 22:06:08 2012 (r231715)
@@ -111,6 +111,7 @@ struct rt_metrics {
#endif
#endif
+#define RT_DEFAULT_FIB 0 /* Explicitly mark fib=0 restricted cases */
extern u_int rt_numfibs; /* number fo usable routing tables */
/*
* XXX kernel function pointer `rt_output' is visible to applications.
@@ -405,8 +406,10 @@ void rtredirect(struct sockaddr *, stru
int rtrequest(int, struct sockaddr *,
struct sockaddr *, struct sockaddr *, int, struct rtentry **);
+#ifndef BURN_BRIDGES
/* defaults to "all" FIBs */
int rtinit_fib(struct ifaddr *, int, int);
+#endif
/* XXX MRT NEW VERSIONS THAT USE FIBs
* For now the protocol indepedent versions are the same as the AF_INET ones
Modified: projects/multi-fibv6/9/sys/netinet/in.c
==============================================================================
--- projects/multi-fibv6/9/sys/netinet/in.c Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/netinet/in.c Tue Feb 14 22:06:08 2012 (r231715)
@@ -938,7 +938,7 @@ in_ifinit(struct ifnet *ifp, struct in_i
bzero(&ia_ro, sizeof(ia_ro));
*((struct sockaddr_in *)(&ia_ro.ro_dst)) = ia->ia_addr;
- rtalloc_ign_fib(&ia_ro, 0, 0);
+ rtalloc_ign_fib(&ia_ro, 0, RT_DEFAULT_FIB);
if ((ia_ro.ro_rt != NULL) && (ia_ro.ro_rt->rt_ifp != NULL) &&
(ia_ro.ro_rt->rt_ifp == V_loif)) {
RT_LOCK(ia_ro.ro_rt);
Modified: projects/multi-fibv6/9/sys/netinet/ipfw/ip_fw2.c
==============================================================================
--- projects/multi-fibv6/9/sys/netinet/ipfw/ip_fw2.c Tue Feb 14 21:48:46 2012 (r231714)
+++ projects/multi-fibv6/9/sys/netinet/ipfw/ip_fw2.c Tue Feb 14 22:06:08 2012 (r231715)
@@ -496,7 +496,7 @@ search_ip6_addr_net (struct in6_addr * i
}
static int
-verify_path6(struct in6_addr *src, struct ifnet *ifp)
+verify_path6(struct in6_addr *src, struct ifnet *ifp, u_int fib)
{
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-projects
mailing list