svn commit: r333186 - head/sys/netinet6
Michael Tuexen
tuexen at FreeBSD.org
Wed May 2 22:11:17 UTC 2018
Author: tuexen
Date: Wed May 2 22:11:16 2018
New Revision: 333186
URL: https://svnweb.freebsd.org/changeset/base/333186
Log:
Send an ICMPv6 PacketTooBig message in case of forwading a packet which
is too big for the outgoing interface and no firewall is involed.
This problem was introduced in
https://svnweb.freebsd.org/changeset/base/324996
Thanks to Irene Ruengeler for finding the bug and testing the fix.
Reviewed by: kp@
MFC after: 3 days
Modified:
head/sys/netinet6/ip6_fastfwd.c
Modified: head/sys/netinet6/ip6_fastfwd.c
==============================================================================
--- head/sys/netinet6/ip6_fastfwd.c Wed May 2 21:32:20 2018 (r333185)
+++ head/sys/netinet6/ip6_fastfwd.c Wed May 2 22:11:16 2018 (r333186)
@@ -195,12 +195,19 @@ passin:
in6_ifstat_inc(rcvif, ifs6_in_noroute);
goto dropin;
}
+ if (!PFIL_HOOKED(&V_inet6_pfil_hook)) {
+ if (m->m_pkthdr.len > nh.nh_mtu) {
+ in6_ifstat_inc(nh.nh_ifp, ifs6_in_toobig);
+ icmp6_error(m, ICMP6_PACKET_TOO_BIG, 0, nh.nh_mtu);
+ m = NULL;
+ goto dropout;
+ }
+ goto passout;
+ }
/*
* Outgoing packet firewall processing.
*/
- if (!PFIL_HOOKED(&V_inet6_pfil_hook))
- goto passout;
if (pfil_run_hooks(&V_inet6_pfil_hook, &m, nh.nh_ifp, PFIL_OUT,
PFIL_FWD, NULL) != 0 || m == NULL)
goto dropout;
More information about the svn-src-head
mailing list