IPFW2 versrcreach update
Gleb Smirnoff
glebius at freebsd.org
Tue Jul 20 00:18:04 PDT 2004
On Mon, Jul 19, 2004 at 10:12:38PM -0400, James wrote:
J> /* if no ifp provided, check if rtentry is not default route */
J> if (ifp == NULL &&
J> satosin(rt_key(ro.ro_rt))->sin_addr.s_addr == INADDR_ANY) {
J> RTFREE(ro.ro_rt);
J> return 0;
J> }
J>
J> + /* by this point a route is found. check if this is pointed
J> + * to blackhole/reject */
J> + if (ifp == NULL && ro.ro_rt->rt_flags & (RTF_REJECT|RTF_BLACKHOLE) ) {
J> + RTFREE(ro.ro_rt);
J> + return 0;
J> + }
J>
J>
J> Haven't tested this yet, but will do tomorrow after I finish some other stuff
J> I need done before rebooting w/ a test kernel.
J> Anyway the idea is to fail the check if the route has RTF_REJECT or
J> RTF_BLACKHOLE flag, under loose-check (ifp set to NULL) operation, which is
J> an easy straight forward change.
Seems reasonable from my viewpoint.
P.S. GNU zebra null-routes into lo0, always setting RTF_BLACKHOLE flag. What
software uses RTF_REJECT flag?
--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE
More information about the freebsd-net
mailing list