in_broadcast() called for almost every packet in ip_output()

Ryan Stone rysto32 at
Mon Jul 25 18:09:54 UTC 2016

On Wed, Jul 20, 2016 at 7:57 PM, Ryan Stone <rysto32 at> wrote:

> Would it be correct to check for M_BCAST on the packet before checking for
> for a broadcast IP address?  I don't believe that there would be any
> security concerns with that approach.  If somebody injected a UDP packet
> with a broadcast IP address but a unicast MAC address, we would try to look
> up a pcb that matched, fail to find anything, and then drop the packet.

Ok, I've put this up for review, along with a fix for the 802.11 stack to
have it set M_BCAST properly:

Are there any other L2 protocols that we support other than Ethernet and
802.11 that I should audit to ensure it sets M_BCAST properly.

More information about the freebsd-transport mailing list