Hi, I've noticed what I believe to be a bug in ip_output(). The piece of code in question is when the firewall changes the destination address of an outgoing packet and the subsequent re-calculation of the route. The issue should be clear from the attached diff - basically what happens is that for the second route lookup dst can point to ro->ro_rt->rt_gateway instead of &ro->ro_dst. It seems as if this issue is present on 7, 8 and 9?

--- ip_output.c 2009-10-09 10:37:40.537408240 +0200 +++ /home/jacques/ip_output.c 2009-10-09 10:43:46.232819440 +0200 @@ -521,8 +521,10 @@ #endif error = netisr_queue(NETISR_IP, m); goto done; - } else + } else { + dst = (struct sockaddr_in *)&ro->ro_dst; goto again; /* Redo the routing table lookup. */ + }
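
Review bot: The added `dst = (struct sockaddr_in *)&ro->ro_dst;` line in the else branch has no comment explaining why dst must be reset, while the existing "Redo the routing table lookup" comment stays on the goto; add a short comment that dst may still point at ro->ro_rt->rt_gateway from the first lookup, so the reason survives later edits. The visible context does not show where the `again` label sits relative to the initial assignment of dst; if dst is first set before the label, consider placing the assignment at the label so every jump to `again` starts from &ro->ro_dst instead of relying on each jump site to reset it. The diff headers name ip_output.c and /home/jacques/ip_output.c, so regenerating the patch relative to the source tree root would make it easier to apply.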

Regards,
Jacques