artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: abc2f56) | patch
avoid passing weird mbuf chains to pf when pushing out a veb.
authordlg <dlg@openbsd.org>
Thu, 23 Nov 2023 23:45:10 +0000 (23:45 +0000)
committerdlg <dlg@openbsd.org>
Thu, 23 Nov 2023 23:45:10 +0000 (23:45 +0000)
commitf118729edc25580d2a952dfa1dc302a7259dfc88
tree8446a63d9429974508bc5828b5376dd0687caf9ctree | snapshot
parentabc2f56eba2789d232891372a7e52a080f48601dcommit | diff
avoid passing weird mbuf chains to pf when pushing out a veb.

pf expects the ip header to be in the first mbuf of the chain we
pass to pf_test, but in some situations the ethernet header is the
only data in the first mbuf. after we remove the ethernet header,
the first mbuf had no data in it which confused pf. fix this by
passing all packets to ip_check on output as well as input. ip input
handlers do all the necessary m_pullups.

found by Mark Patruck.
sys/net/if_veb.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim